!!! Overview [1]
[{$pagename}] are related but with important differences.
[Authentication Context Class] ([acr_values]) specifies the [Policy] that [authentications] are being requested to satisfy. The [Policy] can often be satisfied by using a number of different specific [Authentication Method Reference Values], either singly or in combination.
[Authentication Method Reference Values] ([amr_values]) specifies about the particular [Authentication Methods] that are used without regards to the [Authentication] Process.
Relationship to "acr" ([Authentication Context Class Reference])
The "acr" ([Authentication Context Class Reference]) claim and "[acr_values]" [request] parameter are related to the "amr" ([Authentication Method Reference]) claim and "amr_values" [Authentication Request] parameter, but with important differences.
[Authentication Context Class] specify a set of business rules that [authentications] are being requested to satisfy. These rules can often be satisfied by using a number of different specific [Authentication Method], either singly or in combination.
Interactions using "acr" request that specified Authentication Context Classes be used and reply saying which [Authentication Context Class] was satisfied.
The reply states that it was satisfied -- not how it was satisfied.
In contrast, interactions using "[amr]" make statements about the particular authentication methods that are used. This tends to be more brittle than using "acr" since the authentication methods that may be appropriate for a given authentication will vary over time, both because of the evolution of attacks on existing methods and the creation of new [Authentication Methods].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [https://tools.ietf.org/html/draft-jones-oauth-amr-values-05|Wikipedia:https://tools.ietf.org/html/draft-jones-oauth-amr-values-05|target='_blank'] - based on information obtained 2017-04-04-