Protected Systems are those systems that use SGNL to make access decisions. Protected Systems are commonly applications, services, or infrastructure, but can realistically be any system that can integrate with SGNL’s APIs and SDKs.
Protected Systems need-not understand SGNL’s graph, or the business context therein. These Protected Systems need to only know the identifier for the Principal that’s requesting access and the action they are taking, the asset they are trying to access, or both. SGNL can determine the rest based on business context stored in the SGNL graph, and with human-readable policies that may be enforced.
Protected Systems may choose to send extra context to SGNL in order to enrich access evaluations - including context about the principal or their request (e.g. location, device, etc).