Come up with a convention for specifying scope values that either allow or deny having the claims associated with that scope value be unset/undefined/null.
A naive approach would be to assume that a requested authz implies that the claim is required to be populated by the requesting app.