-
Notifications
You must be signed in to change notification settings - Fork 0
Redelegation
Justin Richer edited this page Aug 3, 2020
·
1 revision
A client is delegated access by the AS, but what if the client wants to re-delegate additional access to another piece of software? That software should be able to get involved without impersonating the client.
Similarly, if the client calls RS1 which needs to call RS2, then RS1 should be able to get a token in the context of the token it got from the client in order to call RS2.
In both cases, all of the rights have already been delegated (including, perhaps, and explicit redelegation right), and so the user/RO shouldn't need to get involved again.