5.1 Security Considerations for Implementers
Use of the RAZA protocol requires the client user to have access to read the user and claim information of security principals that the client is preforming authorization queries on.<2> It is recommended that access to the RAZA interface be limited to a subset of the principals who have access to read account information.