# AuthZEN 2025 H1 roadmap ## Authorization API spec roadmap - **Draft 1 (First Implementers Draft)** (1.0.01) - Evaluation API: this API is complete. This is now an immutable document, and implementers can target it. - **Draft 2 - Jan: Evaluations API** (1.0.02): Evaluations API: boxcarring multiple requests into a single HTTP request/response. Jan work: incorporate evaluations semantics into spec (evaluate all, deny on first deny, allow on first allow). - **Draft 3 - Feb: Search and Partial Evaluation APIs** (1.0.03): this is our biggest work-in-progress. - Partial Evaluation: Vladi has a draft proposal as did Atul in the original spec. - Search: AlexB and Omri will come up with a proposal a predicate-based API that returns predicates/filters a listing API that returns the entitled data - **Draft 4 - March (Implementers Draft)** (1.0.04): Discovery endpoint: Given that PDPs can support a subset of authorization APIs, we need a means to discover what that subset is. The discovery endpoint can give us that (and more). - **Finalize AuthZEN 1.0 - June** (1.0.05) and submit it for review as a "Final Specification" ## Interop roadmap ### H1 - **Gartner IAM Summit (London) - March 24-25, 2025**. Envisioning three scenarios for an interop showcase. These scenarios could be implemented over the existing todo app, or with a new "enterprise-centric" use-case. - IDPs making an AuthZEN call to compliant PDPs to determine which scopes/claims to enrich an access token with - API gateways making an AuthZEN call to compliant PDPs to authorize whether a request should be forwarded to the endpoint - Relying parties making an AuthZEN call to compliant PDPs to determine whether the user can perform an action on a resource - **EIC 2025 - May 6-9, 2025.** - **Identiverse 2025 - June 3-6, 2025.** ### H2 - **Authenticate 2025** - **Gartner IAM Summit 2025 (Grapevine)**