Update access evaluation details

tratteria · Aug 7, 2024 · 9bdf07d · 9bdf07d
1 parent 691f48e
commit 9bdf07d
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 10 deletions.
diff --git a/content/docs/_index.md b/content/docs/_index.md
@@ -136,9 +136,9 @@ pre {
     <span class="yaml-key">subject</span>:
       <span class="yaml-key">id</span>: <span class="yaml-string">"${subject_token.email}"</span>
     <span class="yaml-key">action</span>:
-      <span class="yaml-key">name</span>: <span class="yaml-string">"${purp}"</span>
+      <span class="yaml-key">name</span>: <span class="yaml-string">"${body.orderType}"</span>
     <span class="yaml-key">resource</span>:
-      <span class="yaml-key">stockId</span>: <span class="yaml-string">"${request_details.body.stockId}"</span><span class="tooltiptext">Tratteria can call out to an AuthZEN API to evaluate whether execution should proceed. This specifies how to construct the request for access evaluation.</span></span></code>
+      <span class="yaml-key">stockId</span>: <span class="yaml-string">"${stockId}"</span><span class="tooltiptext">Tratteria can call out to an AuthZEN API to evaluate whether execution should proceed. This specifies how to construct the request for access evaluation.</span></span></code>
 </pre>
 
 <script>

diff --git a/content/docs/configuration-guide/trat.md b/content/docs/configuration-guide/trat.md
@@ -51,7 +51,7 @@ spec:
     subject:
       id: "${subject_token.email}"
     action:
-      name: "${purp}"
+      name: "${body.orderType}"
     resource:
       stockId: "${stockId}"
 ```
@@ -87,8 +87,9 @@ The above configuration specifies how to construct the TraT purpose and authoriz
 
 1. Request Body (referenced using `${body}`)
 2. Request Header (referenced using `${header}`)
-3. Variables defined in the API specification section (referenced using `${variable_name}`)
-4. Literal string constants
+3. Query Parameters (referenced using `${queryParameters}`)
+4. Variables defined in the API specification section (referenced using `${variable_name}`)
+5. Literal string constants
 
 The above generation rule produces a TraT as follows:
 
@@ -146,15 +147,15 @@ This section is optional. If access evaluation is enabled, then this section det
 
 ```yaml
 accessEvaluation:
-subject:
+  subject:
     id: "${subject_token.email}"
-action:
-    name: "${purp}"
-resource:
+  action:
+    name: "${body.orderType}"
+  resource:
     stockId: "${stockId}"
 ```
 
-This section supports referencing all default azdMapping references (`${body}`, `${header}`, and `${variable_name}`) as well as transaction-token request components (`grant_type`, `requested_token_type`, `audience`, `purpose`, `subject-token`, `subject-token-type`, `request-details`, and `request-context`).
+This section supports referencing all default azdMapping references (`${body}`, `${header}`, `${queryParameters}`, and `${variable_name}`) as well as transaction-token request components (`subject-token`, `request-details`, and `request-context`).
 
 The configuration above generates an access evaluation request body as follows: