Overview#Authenticator Assurance Levels (AAL also seen as Authentication Assurance Levels) is intended to provide some confidence in the Authentication provided by Identity Provider (IDP) to a Relying Party at some desired Level Of Assurance NIST.SP.800-63B and
|AAL1||Provides some assurance that the claimant controls the Claim |
requires at least single-factor authentication.
|AAL2||Provides high confidence that the claimant controls Claim |
two different Authentication Factors (Multi-Factor Authentication) are required
approved cryptographic techniques are required.
|AAL3||Provides very high confidence that the claimant controls the Claim |
authentication based on Proof-of-Possession of a key through a cryptographic protocol
requires a “hard” cryptographic authenticator.