Niner since 2009
Can end web application consume these claims if this is admin controlled? If so how end web application which uses these claims for authZ switch if these can dynamically changed by admins?
To the end you mentioned that the AD attributes gets transformed into claims using script/rule engine.
Can those transformmed attribute be used by end client application for authZ decision?
Fantasic presentation....all points discussed was basd on real world use cases...
This session had less take away points from an architect's perspective.