General
- Claims-based applications are loosely coupled to identity.
- Claims decouple authentication from authorization so that the application doesn’t need to include the logic for a specific mode of authentication.
- Claims decouple roles from authorization logic and allow you to use more granular permissions than roles might provide.
- You can securely grant access to users who might have previously been inaccessible because they were in different domains, not part of any corporate domain, or using different platforms or technologies.
- You can improve the efficiency of your IT tasks by eliminating duplicate accounts that might span applications or domains and by preventing critical information from becoming stale.
References
An introduction to claims
