Term · 27. Emerging Categories 2024-2026

Federated Identity

IDM/IGA Domain

Definition

Federated identity is an identity arrangement in which a user’s authentication and related identity attributes are provided by an external identity provider to one or more relying parties via a federation protocol, rather than the user authenticating directly to each service. It enables reuse of a user’s home or primary account across organizational or security domain boundaries while maintaining separation of responsibility between the identity provider and relying parties. Commonly, protocols such as SAML or OpenID Connect are used to convey assertions or tokens that represent the federated identity.

Standards & regulations
  • NIST SP 800-63C «In a federated identity scenario, the subscriber does not authenticate directly to the RP. Instead, the federation protocol defines a mechanism for the subscriber to authenticate through an IdP to the RP.»
  • NIST SP 800-63C-4 «In a federated identity transaction, the IdP is the source of identity and authentication attributes for the RP.»
  • NIST IR 8149 «Federated Identity Management: A process that allows for the conveyance of identity and authentication information across a set of networked systems.»