Using Authz API

Authz API allows applications to perform customizable access checks with better performance and more simplified development than Low-level Access Control.

Authz API allows applications to cache access checks for improved performance, to query and modify client contexts, and to define business rules that can be used to evaluate access permission dynamically.

In This Section

Topic Description
Initializing a Client Context
An application must create a client context before it can use Authz API to perform access checks or auditing.
Querying a Client Context
Applications can call the AuthzGetInformationFromContext function to query information about an existing client context.
Adding SIDs to a Client Context
An application can add security identifiers (SIDs) to an existing client context by calling the AuthzAddSidsToContext function.
Checking Access with Authz API
Applications determine whether to grant access to securable objects by calling the AuthzAccessCheck function.
Caching Access Checks
When an application performs an access check by calling the AuthzAccessCheck function, the results of that access check can be cached.