AuthorizationIdentity is a String property that represents the authorization identity provided for the External SASL authentication mechanism. 

In the External SASL authentication mechanism, the client sends an initial response to a server challenge with the authorization identity. The server uses information, external to SASL, to determine whether the client is authorized to authenticate as the authorization identity. If the client is so authorized, the server indicates successful completion of the authentication exchange; otherwise the server indicates failure. 

The system providing this external information may be, for example, IPsec or TLS. 

If the client sends an empty string as the authorization identity (thus requesting the authorization identity be derived from the client's authentication credentials), the authorization identity is to be derived from authentication credentials which exist in the system which is providing the external authentication. 

AuthorizationIdentity is used in StartAuthenticate to provide the client response for the SASL server challenge.

StartAuthenticate