Contents x
      Using the Policy Simulator
      • 24 Apr 2024
      • 1 Minute to read
      • Print
      • Dark
        Light
      • PDF
      Contents

      Using the Policy Simulator

      • Updated on 24 Apr 2024
      • 1 Minute to read
      • Print
      • Dark
        Light
      • PDF
      Article Summary

      Accessing the Simulator

      SaaS Access

      Visit simulator.operations-ext.plainid.cloud/app

      Policy Simulator Local PAA Installation

      To install the Simulator locally on your PAA, contact PlainID support at support@plainid.com.

      Running the Simulator

      Response Configuration

      1. In the left pane, choose a Response Type.

        • "Asset Resolution": Provides a list of allowed assets and actions for a specific user/application.
        • "Policy Resolution": Returns the logical filtering of data or allowed data items for the user.
          • An additional field should be defined to support Query view.

      2. Fill out the input fields and select Run Report. You can access additional information by filling out the fields in the Advanced dropdown.

      When making a request for Policy Resolution, you need to include an extra field for Query view - the Fully Qualified Table Name. This field should be aligned with the name of the data type Asset template used for data access. This will enable you to visually demonstrate how the original SQL query will be modified based on the Policies in place.

      Advanced Configuration

      Additional options for parameter inputs:

      • Context Data: Pass identity context data for the request.
      • Identity Attributes: Add identity attributes to support dynamic group calculation or attribute-based conditions.
      • Environmental Data: Pass information required for requests, asset rules, and request conditions.
      • "Time Zone" and "Date and Time" for timestamp definition in request calculations.
      • IP: Passed in the request for IP-based condition calculation.

      Reviewing Authorization Responses

      In "Asset Resolution" response types, you can access:

      • Identity information from the request.
      • Permitted assets, associated actions, asset IDs, templates, attribute lists, and granting policies.
      • Lists of all policies granted to the identity.

      Click Request to view the Authorization request sent to the PDP, which can be useful for custom code or testing with Postman.

      Click Response to view the JSON response as calculated by the PDP.

      Was this article helpful?
      What's Next