Cyril Dangerville added a comment - 28/May/15 12:44 PM Thanks. Answer sent to rulgudi (AT) gmail (DOT) com: I suggest you have a look at the development guide to get started securing your REST services: http://www.fiware.org/devguides/handling-authorization-and-access-control-to-apis/ This will help you implement the authentication for your apps first, before you deal with authorization. After following the guide, your applications should be registered and identified in the IDM for this to work. And you can define the access control policy with the GUI in the IdM. The policy is then pushed to the Authorization PDP. Then, the PEP proxy for your service should be configured with the IdM URL to validate tokens and retrieve user/resource info from there as well. Then the PEP will send an authorization request to the Authorization PDP (Authzforce) using the API described here: http://catalogue.fiware.org/enablers/authorization-pdp-authzforce/documentation (User and Programmers Guide) I put the IdM/PEP proxy owner (Alvaro) in CC if you need more info on these. Regards, Cyril

Manuel Escriche added a comment - 26/May/15 2:38 PM Hello Cyril, Screenshots recovered!

Cyril Dangerville added a comment - 20/May/15 10:30 AM - edited Hello Manuel, I am missing the attached diagram of the original mail. Any chance to get it? [image: Im�genes integradas 1] ?