Chapter 7. Evaluating and Testing Policies

When designing your policies, you can simulate authorization requests to test how your policies are being evaluated.

You can access the Policy Evaluation Tool by clicking the Evaluate tab when editing a resource server. There you can specify different inputs to simulate real authorization requests and test the effect of your policies.

Policy Evaluation Tool

7.1. Providing Identity Information

The Identity Information filters can be used to specify the user requesting permissions.

You can also click Entitlement to obtain all permissions for the user you selected.

7.2. Providing Contextual Information

The Contextual Information filters can be used to define additional attributes to the evaluation context, so that policies can obtain these same attributes.

7.3. Providing the Permissions

The Permissions filters can be used to build an authorization request. You can request permissions for a set of one or more resources and scopes. If you want to simulate authorization requests based on all protected resources and scopes, click Add without specifying any Resources or Scopes.

When you’ve specified your desired values, click Evaluate.