Authorisation Engine

Enforce policies with intelligent, real-time evaluation of access requests.

Active policy enforcement

In many organisations, policies live on paper and “privilege creep” means system-level access controls give users too much freedom. The Symphonic Authorisation Engine is a middleware solution that actively enforces your access rules to ensure permissions always closely track business need.


Patented decision engine

The Symphonic Authorisation Engine is the middleware solution that sits between your users and your digital assets to provide you with a central point of control.

When you create a new policy using the Policy Manager, it’s validated against the digital assets and users in the Trust Framework, and compiled into Symphonic’s patented authorisation decision engine. All access requests – coming from inside and outside your organisation - are dynamically evaluated by the Authorisation Engine against your policy rules to ensure security and compliance.

Real-time decisions

The Authorisation Engine resolves static and dynamic (contextual) attributes in real-time to make authorisation decisions in milliseconds. Built for high performance in the most complex and demanding environments, authorisation decisions are made with no perceptible delay to the user.

The engine can also provide feedback information on why a specific decision was returned – and what information/attributes are required to gain access.




Symphonic’s open architecture works with your existing IT investment. It integrates easily with your systems through configurable, standards-based connectors (like REST, SOAP, MQ, etc.) supporting 240+ connector types. For proprietary systems, custom connectors can be quickly constructed.

The Authorisation Engine also integrates with your existing Identity Provider systems (like Active Directory, SAML and OpenID) to obtain trusted identity attributes for making authorisation decisions.

The design of Symphonic’s Authorisation Engine is based on five years of industrial and academic research. The patented technology is uniquely suited to solving the challenges of modern, cross-domain access management scenarios.