Let me be honest.
-
Let me be honest. I'm really no big fan of AI and I certainly get annoyed by companies pushing the technology on me! Does it have AI? Sorry, I'm not interested. I rather waste more of my time than the energy and water that it takes to power that hype...
I have to admit, though, that from an authorization viewpoint the AI use cases create quite some exciting times. For example, authorization across trust domains gets more attention now. Therefore, I added an article on Curity's website where I discuss among other things the role of the authorization grant and the need to maintain identity data across domains. Read the full article here:
https://curity.io/resources/learn/api-access-across-trust-domains/It seems to me that people start to realize that the content of tokens matters. APIs need verifiable data for their authorization decisions and you need patterns to maintain the information between API calls across trust domains. I've been trying to get that message through for years
If that's the legacy of AI, then there is something good to it after all! -
R relay@relay.infosec.exchange shared this topic
