Action Use Cases

​

Access Control

• Allow access only on weekdays for a specific application
• Allow access only to users who are inside the corporate network
• Only allow users with specific email addresses to log in

​

API Authorization

• Add user roles to tokens
• Add a user’s email address to the Access Token
• Deny access to anyone calling an API
• Add custom claims to a token

​

Compliance

• Update user profile metadata with user consent choice and redirect users to a consent page hosted by a third party
• Enable Strong Customer Authentication (SCA) and dynamically link operation details to authorize a sensitive transaction

​

Multifactor

• Require Multi-factor Authentication for users who are outside the corporate network
• Send a verification email

​

User Profile and Identity

• Set a default user picture
• Retrieve user preferences from an external source and add to the user identity