Claims represent any identity information about a user. In some instances, the user can be an application or a computer. A claim enables the user to gain access to multiple resources, such as applications and network resources, without entering credentials multiple times.
A claim is a statement about a user (for example, a name). The bits of identity information include, name, e-mail address, age, or organizational roles and responsibilities. A claim can also include the right of a user to perform something like access a file. Claims can also contain a restrictive right like the financial limit of a user.
A claim is given one or more values and then packaged in security tokens issued by a security token service (STS).
The previous illustration represents a claims token. The illustration shows claim values inside the token.
Copyright © 2013 CA.
All rights reserved.
|
|