ABSTRACT
Access is granted when a requester presents an SAML token with an appropriate set of authorization claims to a Java or .NET executable process compiled into the service.
9.3 Establishing Least Privilege Least privilege is the minimal set of claims that are needed for successful authorization. e requester may or may not need all of the claims that he/she can make. e claims are labeled for the specic service request or for a content access request, and least privilege is established by choosing only those claims.
