AuthZEN 2025 H1 roadmap

Authorization API spec roadmap

• Draft 1 (First Implementers Draft) (1.0.01) - Evaluation API: this API is complete. This is now an immutable document, and implementers can target it.
• Draft 2 - Jan: Evaluations API (1.0.02): Evaluations API: boxcarring multiple requests into a single HTTP request/response. Jan work: incorporate evaluations semantics into spec (evaluate all, deny on first deny, allow on first allow).
• Draft 3 - Feb: Search and Partial Evaluation APIs (1.0.03): this is our biggest work-in-progress.
  • Partial Evaluation: Vladi has a draft proposal as did Atul in the original spec.
  • Search: AlexB and Omri will come up with a proposal
    a predicate-based API that returns predicates/filters
    a listing API that returns the entitled data
• Draft 4 - March (Implementers Draft) (1.0.04): Discovery endpoint: Given that PDPs can support a subset of authorization APIs, we need a means to discover what that subset is. The discovery endpoint can give us that (and more).
• Finalize AuthZEN 1.0 - June (1.0.05) and submit it for review as a "Final Specification"

Interop roadmap

H1

• Gartner IAM Summit (London) - March 24-25, 2025. Envisioning three scenarios for an interop showcase. These scenarios could be implemented over the existing todo app, or with a new "enterprise-centric" use-case.

  • IDPs making an AuthZEN call to compliant PDPs to determine which scopes/claims to enrich an access token with
  • API gateways making an AuthZEN call to compliant PDPs to authorize whether a request should be forwarded to the endpoint
  • Relying parties making an AuthZEN call to compliant PDPs to determine whether the user can perform an action on a resource

• EIC 2025 - May 6-9, 2025.

• Identiverse 2025 - June 3-6, 2025.

H2

• Authenticate 2025

• Gartner IAM Summit 2025 (Grapevine)