Authorization policy defines the method of authorization.
An authorization policy is a connector that gets the parameters from the request and maps to a specified service for authorization. In other words, it executes an already defined service for authorization and use some of the request parameters for input.
Authorization Policy Identifier
An interface or a service can use a defined authorization policy for usage restriction.
It should have a unique name so that it can be referenced from an interface or service definition.
There are three kinds of authorization policies:
Executable Authorization Policy
This policy use an executable service for authorization.