AMWA BCP-003-02 Authorization in NMOS Systems
About BCP-003-02
What does it do?
- Documents best practice for an API server to accept or reject requests depending on what a client is authorized to do.
Why does it matter?
- A secure control plane is essential.
- Authorization limits what clients can do to what is allowed.
- These recommendations allow interoperability using widely adopted open technologies.
How does it work?
- Recommends using AMWA IS-10 Authorization Specification
- This specifies how client provides credentials and gets access tokens.
- Encryption is a prerequisite (see BCP-003-01).
BCP-003-02 has been developed by the Advanced Media Workflow Association as part of the Networked Media Open Specifications initiative. See here for an overview of NMOS specifications.
The NMOS Testing Tool creates a simple web service for testing implementations of all NMOS APIs.
The links to documentation, API and examples below, and for SPEC links in the page menu bar are for this release or branch: releases/v1.0.0. Links to other published releases and other live branches appear later in the page, or in the VERSIONS menu.
Documentation for release v1.0.0
Published Releases
Live Branches
The formal specification is provided in this GitHub repository. These pages render the documentation and APIs (which are specified in RAML and JSON Schema).
| Repository | Default Branch | Lint (default) | Render (all) |
|---|---|---|---|
| nmos-authorization-practice | v1.0.x |  |
 |