Identity, Entra, Okta and SSO Abuse // Field Brief

OAuth Consent and Federation Abuse

Delegated app access, trust redirection and federation pitfalls.

field brief · operator reference · public sources

Why this topic matters

Delegated trust is powerful because it lets applications act without collecting passwords. It is dangerous for the same reason. Once a tenant or user consents too broadly, the attacker may inherit durable access with a very small visible footprint.

Operator checks

  • Audit app registrations, enterprise applications and consent grants as offensive objects.
  • Model exactly which scopes and audiences produce usable downstream access.
  • Examine federation trusts and legacy protocols that collapse identity boundaries.
  • Pay attention to admin-consent workflows and default tenant behaviour.

Reporting lens

Write findings in terms of trust crossed, scope enlarged and business or operational effect reached. That keeps the note useful whether you are validating a lab, an internal research target or a live customer environment.
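As an added example (not from the original brief), the following script triages delegated-consent grants the way the operator checks and reporting lens above suggest: it takes records shaped like Microsoft Graph oauth2PermissionGrant objects, flags grants that are tenant-wide (AllPrincipals), durable (offline_access) or reach high-impact scopes, and emits findings phrased as trust crossed and scope enlarged. The high-impact scope list and the sample records are constructed assumptions for illustration.

```python
"""Triage delegated-consent grants for tenant-wide, durable, high-impact access."""
from dataclasses import dataclass
from typing import Optional

# Delegated scopes whose grant lets an app act on mail, files or the directory
# (assumed shortlist; tune to the tenant being audited).
HIGH_IMPACT = {
    "Mail.ReadWrite", "Mail.Send", "Files.ReadWrite.All",
    "Directory.ReadWrite.All", "MailboxSettings.ReadWrite", "User.ReadWrite.All",
}
DURABLE = "offline_access"  # refresh tokens: access outlives the user session


@dataclass
class Finding:
    client_id: str        # trust crossed: which app holds the grant
    tenant_wide: bool     # consentType == AllPrincipals (admin consent for everyone)
    durable: bool         # offline_access present
    high_impact: tuple    # scope enlarged: high-impact scopes granted
    severity: str


def triage(grant: dict) -> Optional[Finding]:
    """Return a Finding for a risky grant, or None if it is unremarkable."""
    scopes = set(grant.get("scope", "").split())
    tenant_wide = grant.get("consentType") == "AllPrincipals"
    durable = DURABLE in scopes
    impact = tuple(sorted(scopes & HIGH_IMPACT))
    if not impact and not (tenant_wide and durable):
        return None
    score = len(impact) + (2 if tenant_wide else 0) + (1 if durable else 0)
    return Finding(grant["clientId"], tenant_wide, durable, impact,
                   "high" if score >= 3 else "medium")


def triage_all(grants) -> list:
    return [f for f in (triage(g) for g in grants) if f is not None]


# Constructed sample records shaped like Graph oauth2PermissionGrant objects.
SAMPLE_GRANTS = [
    {"clientId": "app-benign", "consentType": "Principal", "principalId": "u1",
     "resourceId": "graph", "scope": "User.Read openid profile"},
    {"clientId": "app-mailbot", "consentType": "AllPrincipals", "principalId": None,
     "resourceId": "graph", "scope": "Mail.ReadWrite Mail.Send offline_access"},
    {"clientId": "app-onefile", "consentType": "Principal", "principalId": "u2",
     "resourceId": "graph", "scope": "Files.ReadWrite.All"},
]

if __name__ == "__main__":
    for f in triage_all(SAMPLE_GRANTS):
        print(f"{f.client_id}: {f.severity} tenant_wide={f.tenant_wide} "
              f"durable={f.durable} scopes={f.high_impact}")
```

Against a live tenant the same function can be fed the output of a Graph listing of oauth2PermissionGrants; the per-user (Principal) grant with a single high-impact scope scores medium, while the tenant-wide, refresh-token-bearing mail grant scores high.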

Curated public references