Consuming user information in your application headers Restricting users that can access an application Authenticating users from other identity providers