Who will be able to access my application?
A federation configuration will allow a group users (either Penn or all of InCommon) to authenticate
to your application however identity providers only manage authentication. Authorization determines which
users are actually allowed to use the application. Typically, this decision is made based on the value of
a received attribute, such as “eduPersonScopedAffiliation.”