Using the Curity Identity Server to issue custom claims
Best practices for issuing and managing claims to ensure secure API authorization.
Best practices for designing OAuth scopes in real-world systems and managing them at scale.
Learn how consent relates to claims in the authorization process.
Discover how to use the default scope with a set of default claims.
A brief overview of what a claims authority is and what role it plays in the process of issuing claims.
Learn what scopes are, their role in authorization, and how to handle them properly.
This article provides a comprehensive overview of the claims ontology: scopes, claims, tokens and how they are related.
Learn how to create a claims-based architecture for APIs and microservices.
How the claims infrastructure can be used to centralize the identity data.
An overview of different aspects of claims and scopes from a client perspective.
Learn about claims: what they are, and how they are used in the authentication process.
A short explanation of the differences between scopes and claims.
A claim is a statement that a particular entity has a particular property. In authentication, we usually think of claims as assertions about a user, as asserted by the Identity Provider. Claims are critical to reaching the highest level in the API Security Maturity model. When designing a token-based architecture, it's important to understand how identity data is passed around. Claims provide a fundamental means of trusting that the data is valid and true. A scope is a grouping of claims. In OAuth, a scope is defined as a string that may represent a resource the client requests access to. The scope is what gives access to APIs (with a valid token). But scopes are also what give access to claims.