Validate full end‑to‑end delegated identity behavior including SQL RLS.
-
Validate:
- SUSER_NAME() reflects delegated user
- RLS filters rows per user
- guest/B2B users succeed
-
Validate HTTP mapping
- invalid/missing token → 401
- missing identity claims → 401
- OBO failure → 401
- SQL permission denied → 403
Validate full end‑to‑end delegated identity behavior including SQL RLS.
Validate:
Validate HTTP mapping