Federation as we use it is Federated Identity Management

Federation is a process that allows for the conveyance of identity and authentication information across a set of networked systems. In a Federation scenario, the verifier or Credential Service Provider is known as the Identity Provider (IDP), or IDP. The Relying Party, or RP, is the party that receives the Federated Identity. (NIST.SP.800-63C)


A Federation occurs when one system trusts an Identity Provider (IDP) to authenticate a digital Identity

Some people only refer to Federation when it is Cross-domain authentication.

Others prefer to say anytime the authentication Method is not on the same system it is a Federation.

Generally, any RP which accepts the credential's from an Identity Provider (IDP) is part of a Federation.

The Identity Provider (IDP) is the Primary Domain and the other security domains that trusts the Identity Provider (IDP) to authenticate a digital Identity are referred to as Relying Party (RP)/Service Providers (SP).

Credential information is typically NOT passed between the parties.

Digital Identity data may be passed between these parties.

Federation is a form of Identity Correlation and/or Identity Broker

Often Tokens are used in Federation by a system called a Security Token Service (STS) which would typically be in or strongly associated with the Identity Provider (IDP)

Federation Models#

Federation Models provides an overview of and requirements for common identity Federation Models currently in use. In each model, relationships are established between members of the federation in several different ways.

More Information#

There might be more information for this subject on one of the following: