Draft: Constrain AuthConfig.check_allowed() to full-type
AuthConfig.check_allowed() can only run when the auth type is set to "full". This is because we don't want to whitelist persons when doing auth by evaluating entitlements.
AuthConfig.check_allowed() can only run when the auth type is set to "full". This is because we don't want to whitelist persons when doing auth by evaluating entitlements.