Articles

Introduction to Claims

What are Claims and how are they used.

Claims Explained

Scopes, claims, tokens and everything in between.

Introduction to Scopes

Scopes and their relation to claims.

The Claims Authority

What is a Claims Authority.

Consent and Claims

The relationship between Consent and Claims.

Scopes, Claims and the Client

Thinking about claims from a client perspective.

Using Claims in APIs

How to create a claims-based architecture for APIs and microservices.

Default Scopes

How to use the default scope with a set of default claims.

Centralizing Identity Data

How the claims infrastructure can be used to centralize the identity data.

Videos

Salesforce Claims Provider

Developer How-to's

Custom Claim Data Source

Developer How-to's

Claims Mapper

Developer How-to's

Claims Consentor Demo

Demos

Jacob Has a Horse, Says Travis – a Tale of Truths In a Microservice Architecture

Live presentations

OAuth Claims Ontology: Using Claims in OAuth and How They Relate to Scopes

Live presentations

A claim is a statement that a particular entity has a particular property. In authentication, we usually think of claims as assertions about a user, made by the Identity Provider. Claims are critical to reaching the highest level in the API Security Maturity model. When designing a token-based architecture, it's important to understand how identity data is passed around. Claims provide a fundamental means of trusting that the data is valid and true.

A scope is a grouping of claims. In OAuth, a scope is defined as a string that may represent a resource the Client requests access to. The scope is what gives access to APIs (with a valid token). But scopes are also what give access to claims.