Dear working group, I'm interested in the communities and other identity expert's view on a topic I have mulled over lately. With more and more focus on clients (mainly driven through AI discussions), isn't it time to start thinking about continuous access evaluation for clients? In such an environment, wouldn't it make sense for the authorization server to also challenge the client for additional input to increase its confidence in the client and its behavior, similar to MFA or step-up authentication for users? What are your takes, thoughts?
Yours, Judith P.S.: "I don't care, I simply need to survive this day", " I'm too busy with other stuff. " or a simple "I haven't thought about it yet." are valid answers as well.
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
