Konubinix' opinionated web of thoughts

Client Get Proof of Authentication by Asking for It

Fleeting

authentication vs identification vs authorization

People sometimes believe that getting an Identity Token is proof of authentication.

Yet, OpenID Connect is a user identity attribute disclosure protocol rather than an authentication protocol.

Therefore, getting a token tells nothing about who is currently playing and whether that person gives any consent to do anything. It only provides some information about that person.

The only way to get some valuable information about the person currently using per computer is redirecting per to an identity provider and asking the Identity Provider to send back the Identity Token of whoever could connect.

That means that authentication in a relying party is only done through an interactive exchange with the Identity Provider.
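A sketch of what "asking for it" looks like on the relying party side, as an added example that is not part of the original note: the relying party only accepts an Identity Token that answers a request it started itself in the current browser session. The issuer, client id, session dict and function names are constructed for illustration, only a subset of the authorization request parameters is shown, and the token signature is assumed to be already verified.

```python
import hmac
import secrets
import time

ISSUER = "https://idp.example"  # constructed value
CLIENT_ID = "rp-demo"           # constructed value
MAX_AGE = 300                   # seconds: how recent the login at the IdP must be


def begin_login(session):
    """Start the interactive round trip: bind a fresh nonce to this browser session."""
    session["nonce"] = secrets.token_urlsafe(16)
    return {  # parameters of the redirect to the Identity Provider
        "response_type": "code",
        "scope": "openid",
        "client_id": CLIENT_ID,
        "nonce": session["nonce"],
        "max_age": str(MAX_AGE),
    }


def accept_id_token(session, claims, now=None):
    """Return the subject only if the token answers the request made by begin_login.

    Assumption: the signature was already verified against the IdP keys.
    """
    now = time.time() if now is None else now
    expected = session.pop("nonce", None)  # single use: a replayed token finds nothing
    if expected is None:
        raise ValueError("no pending login: this session never asked for a token")
    got = str(claims.get("nonce", ""))
    if not hmac.compare_digest(expected.encode(), got.encode()):
        raise ValueError("nonce mismatch: token answers another request")
    if claims.get("iss") != ISSUER:
        raise ValueError("unexpected issuer")
    aud = claims.get("aud")
    if CLIENT_ID not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("token was issued to another client")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    if now - claims.get("auth_time", 0) > MAX_AGE:
        raise ValueError("user authenticated too long ago")
    return claims["sub"]
```

A token that is perfectly valid but was obtained elsewhere fails the first check, because no redirect to the Identity Provider preceded it in this session.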