FAL 2 or Federation Assurance Level Two Bearer Assertion, signed by Identity Provider (IDP) and encrypted to Relying Party.

FAL 2 maps to the OpenID Connect Authorization Code Grant or SAML (Security Assertion Markup Language) Web SSO Artifact Binding profile AND additionally requires that the OpenID Connect identity Token or SAML Assertion be encrypted to a Public Key representing the Relying Party in question.

More Information#

There might be more information for this subject on one of the following: