The PlainID IDP Token Enrichment Service integrates with Identity Providers (IDPs) to dynamically enrich users’ Authorizations. During authentication, entitlements calculated by PlainID Policies are translated into claims and included in the IDP-generated JWT, which is then used by Applications.
This pattern allows seamless, session-based access control without requiring the user or Application to interact directly with the PlainID platform. It supports advanced claim enrichment from multiple data sources and adapts to vendor-specific IDP configurations.
For detailed deployment and configuration guidance, see the IDP Token Enrichment article.