So far, you’ve seen how to confirm that users are who they say they are and how to retrieve information about those authenticated identities. This gives your application the basic ability to distinguish between different users, but it’s only a starting point. To create a truly secure web application, you need to act upon that identity at various points using authorization.
Unable to display preview. Download preview PDF.