It can be useful for a front-end/back-end solution. The APP front-end ask the PKSA to sign a message with the account's key, then send it to its back-end with requests related to the account. The back-end can then validate the signed challenge against the account public key.