Can the C/Java Single Sign On agent SDK only authenticate a user, and not authorize them?

Document ID : KB000113402
Last Modified Date : 08/09/2018
Show Technical Document Details
Question:
Can the C/Java Single Sign On agent SDK only authenticate a user, and not authorize them?
Answer:
The SDK is flexible, and has separate calls for determining if a resource is protected, if a user is authenticated, and then if a user is authorized for the resource per the Single Sign On policy configuration. So it is possible in both languages to only do an authentication and skip authorization.