STANDARD
CAEP — Primer
CAEP (OIDF Shared Signals) defines event‑based signals (e.g., revocation, risk) that relying parties consume to adapt sessions and access.
Why it matters
Standards reduce risk and vendor lock‑in. We implement this spec across our Studios and runtime so policy is portable.
Where it’s enforced
- Gateway: pre‑execution gating (plan/schema pins, params/egress)
- Shield: inline budgets/stream caps/content checks
- PDP: decisions with constraints/obligations/TTL
- IdP: passports, token exchange, consent/DPoP
How it works (high level)
CAEP (OIDF Shared Signals) standardizes event‑based session and risk signals (e.g., token revoked, risk changed). Push or query bindings deliver events; relying parties consume and adjust sessions/authorization.