[Openid-specs-risc] [External Sender] Authorization Events
George Fletcher
george.fletcher at capitalone.com
Tue Jun 20 13:16:30 UTC 2023
Hi Alex,
What would the Authorization Event "trigger"? Are you thinking of an event
that captures an Authorization result (policy passed/failed)? I do think
there is a need for "continuous authorization" like we have for "continuous
authentication".
Thanks,
George
On Tue, Jun 20, 2023 at 1:44 AM Alex Babeanu via Openid-specs-risc <
openid-specs-risc at lists.openid.net> wrote:
> Hello,
>
> I just joined the list, as I have a question, and sorry but not sure if
> there is a protocol in place for such things...
>
> In any case, I can see tremendous opportunity in defining an Event
> specific to Authorization. This event could be an authorization request or
> response. Note: authorization happens after authentication. I realise we
> could use a CAEP Claim change event to derive authorization, but I think we
> would need more...
>
> Anyway, is this the right group to discuss this topic?
>
> Many thanks and regards,
>
> ./\lex.
> --
> [image: This is Alexandre Babeanu's card. Their email is alex at 3edges.com.
> Their phone number is +1 604 728 8130.]
> <https://urldefense.com/v3/__https://hihello.me/p/cda689b1-0378-4b9c-88cf-33a9bc8ef0c5__;!!FrPt2g6CO4Wadw!OvD-xdCR0jETK4oZeXCVTaQZy0mED6vVDhO3qdkHsrSsTX1dzriI-uxG1JpRVmoZp3CVekPEejbjV833sVdizCIjxVFJH1LWjYCtUyV8$>
>
> CONFIDENTIALITY NOTICE: This e-mail message, including any attachments
> hereto, is for the sole use of the intended recipient(s) and may contain
> confidential and/or proprietary information.
> _______________________________________________
> Openid-specs-risc mailing list
> Openid-specs-risc at lists.openid.net
>
> https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/openid-specs-risc__;!!FrPt2g6CO4Wadw!OvD-xdCR0jETK4oZeXCVTaQZy0mED6vVDhO3qdkHsrSsTX1dzriI-uxG1JpRVmoZp3CVekPEejbjV833sVdizCIjxVFJH1LWjWfit2Kd$
>
______________________________________________________________________
The information contained in this e-mail is confidential and/or proprietary to Capital One and/or its affiliates and may only be used solely in performance of work or services for Capital One. The information transmitted herewith is intended only for use by the individual or entity to which it is addressed. If the reader of this message is not the intended recipient, you are hereby notified that any review, retransmission, dissemination, distribution, copying or other use of, or taking of any action in reliance upon this information is strictly prohibited. If you have received this communication in error, please contact the sender and delete the material from your computer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20230620/ce7eea94/attachment-0001.html>
More information about the Openid-specs-risc
mailing list