A short explanation of the differences between scopes and claims.
How the claims infrastructure can be used to centralize the identity data.
How to create a claims-based architecture for APIs and microservices.
How to use the default scope with a set of default claims.
What Claims are and how they are used.
What a Claims Authority is.
The relationship between Consent and Claims.
Thinking about claims from a client perspective.
Scopes, claims, tokens and everything in between.
Scopes and their relation to claims.
A claim is a statement that a particular entity has a particular property. In authentication, we usually think of claims as assertions about a user, made by the Identity Provider. Claims are critical to reach the highest level in the API Security Maturity model. When designing a token-based architecture, it's important to understand how identity data is passed around. Claims provide a fundamental means of trusting that the data is valid and true.

A scope is a grouping of claims. In OAuth, a scope is defined as a string that may represent a resource the Client requests access to. The scope is what gives access to APIs (with a valid token), but scopes are also what give access to claims.
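The relationship described above, as an added example that is not from the original page: scopes are granted per client, each scope releases only its group of claims into the token payload, and the API uses the scope for endpoint access and a claim for the data decision. The `invoices_read` scope, the `account_id` claim, the function names and the sample user are assumptions; token signing and validation are assumed to happen elsewhere.

```python
# Added example. "profile" and "email" use a subset of the standard OpenID
# Connect scope-to-claim groupings; "invoices_read" and "account_id" are hypothetical.
SCOPE_CLAIMS = {
    "openid": {"sub"},
    "profile": {"name", "given_name", "family_name"},
    "email": {"email", "email_verified"},
    "invoices_read": {"account_id"},
}

# Constructed sample user record held by the identity system.
USER = {
    "sub": "user-123", "name": "Alice Example",
    "email": "alice@example.com", "email_verified": True,
    "account_id": "acct-42", "phone_number": "+1-555-0100",
}

def grant_scopes(requested, client_allowed):
    """Grant only scopes that are known, requested and configured for the client."""
    return [s for s in requested if s in client_allowed and s in SCOPE_CLAIMS]

def resolve_claims(granted_scopes, user_attributes):
    """Release only the claims grouped under the granted scopes."""
    allowed = set()
    for scope in granted_scopes:
        allowed |= SCOPE_CLAIMS[scope]
    # Attributes outside the granted groups (e.g. phone_number) never leave.
    return {k: v for k, v in user_attributes.items() if k in allowed}

def issue_token_payload(requested, client_allowed, user_attributes):
    """Build the (unsigned) token payload: released claims plus granted scopes."""
    granted = grant_scopes(requested, client_allowed)
    payload = resolve_claims(granted, user_attributes)
    payload["scope"] = " ".join(granted)  # space-delimited, as in OAuth
    return payload

def api_authorize(payload, required_scope, resource_account_id):
    """API side: the scope opens the endpoint, the claim decides which data."""
    if required_scope not in payload.get("scope", "").split():
        return False
    claim = payload.get("account_id")
    # A missing claim must deny; it must not compare equal to a missing owner.
    return claim is not None and claim == resource_account_id
```

A token that carries the right scope still fails `api_authorize` when its `account_id` claim does not match the resource owner.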