Using Authz API

Authz API allows applications to perform customizable access checks with better performance and more simplified development than Low-level Access Control.

Authz API allows applications to cache access checks for improved performance, to query and modify client contexts, and to define business rules that can be used to evaluate access permission dynamically.

In This Section


Initializing a Client Context

An application must create a client context before it can use Authz API to perform access checks or auditing.

Querying a Client Context

Applications can call the AuthzGetInformationFromContext function to query information about an existing client context.

Adding SIDs to a Client Context

An application can add security identifiers (SIDs) to an existing client context by calling the AuthzAddSidsToContext function.

Checking Access with Authz API

Applications determine whether to grant access to securable objects by calling the AuthzAccessCheck function.

Caching Access Checks

When an application performs an access check by calling the AuthzAccessCheck function, the results of that access check can be cached.