Yeah only the first two sentences were actually relevant. The rest was a humble brag that there is no application level security, which is a really weird thing to brag about.
When I use SAML, I still have to check that the user has some sort of attribute that indicates that access was granted to the application. If this access rule is defined outside the application, then why bring up Claude? If it isn't then Claude is responsible for implementing the access rule, which means the comment is 100% wrong.
I have no idea what you are talking about but I just checked the scarface_74 user on Reddit (he not I) last posted 8 years ago and mostly on the r/bitcoin thread.
When I use SAML, I still have to check that the user has some sort of attribute that indicates that access was granted to the application. If this access rule is defined outside the application, then why bring up Claude? If it isn't then Claude is responsible for implementing the access rule, which means the comment is 100% wrong.