A method and system for providing a client (102) with a copy of the authorization data that can be accessed and used by the client. The method is well-suited to key management protocols that utilize the concept of tickets. Two copies of the authorization data, a client copy and a server copy, are included within and forwarded to the client where the client is requesting a ticket for a specific application server (106). The client is capable of accessing the client copy of the authorization data such that the client can verify requests, and determine authorization of use for content and/or services requested.