This short session explores the architectural implications of using claims for authorization purposes