Page tree
Skip to end of metadata
Go to start of metadata

Jamie and I discussed the current implementation for authN + session validation. Discussed possibilities for using AM to communicate authZ to IDM with varying degrees of specificity (either using a static, corse-grained authorization indicator such as a custom id_token claim, or a more fine-grained authz method such as calling out to the AM policy engine). Did not really get a lot of customer feedback / questions that I recall from this.

  • No labels