Relying Party (RP)
Definition
Application or service that depends on an Identity Provider (IdP) to authenticate users and provide identity assertions. In SAML the RP is called the Service Provider (SP); in OIDC it is the Client (an OAuth 2.0 client). The RP must trust the IdP's identity assertions and validate each one it receives: verify the signature cryptographically and check the issuer, audience and expiry.
Application
- MidPoint: System that relies on other party (identity provider) to provide identity information.
Standards & regulations
- NIST SP 800-63-4 «Relying party (RP): RPs provide online transactions and services and rely upon a verifier’s assertion of a subscriber’s identity, typically to process a transaction or grant access to information or a»
- NIST SP 800-63A-4 «Relying party (RP): An entity that relies on a verifier’s assertion of a subscriber’s identity, typically to process a transaction or grant access to information or a system.»
- NIST SP 800-73-4 Part 1 «Relying party (RP): An entity that relies upon the subscriber’s credentials, typically to process a transaction or grant access to information or a system.»
- NIST IR 8149 «Relying Party (RP): An entity that relies upon the subscriber’s authenticator(s) and credentials or a verifier’s assertion of a claimant’s identity, typically to process a transaction or grant access »
- NIST SP 800-217 (Draft) «relying party (RP): The party that accepts an assertion from an IdP to allow the subscriber to access protected resources.»
- W3C Recommendation Web Authentication: An API for accessing Public Key Credentials Level 3 «In the context of the WebAuthn API, a relying party is an entity whose web application utilizes WebAuthn to register and authenticate users, and a relying party identifier is a valid domain string ide»
- FIDO2: Client to Authenticator Protocol (CTAP) 2.1 «Relying Party (RP): A WebAuthn or FIDO2 server application that uses the protocol to authenticate users and that requests, receives, and validates cryptographic authentication assertions from authenti»
- RFC 8897 «In the context of the Resource Public Key Infrastructure (RPKI), a relying party (RP) is an entity that makes use of the RPKI to validate routing information and therefore relies on the correctness of»
Sources
- NIST SP 800-63 Digital Identity Guidelines (NIST), primary source
Related terms
Identity Provider (IdP)
System that authenticates users and issues identity assertions (SAML responses, OIDC ID tokens) to relying parties. Cent …
Digital Identity (DI)
Set of attributes, credentials, and identifiers that uniquely represent a person or non-human entity in digital systems. …
IAL (IAL)
NIST SP 800-63A Identity Assurance Level — measures the robustness of identity proofing. IAL1: self-asserted identity (n …
Kerberos
Network authentication protocol developed at MIT (Kerberos v5: IETF RFC 4120, 2005) using symmetric-key cryptography and …
Single Sign-On (SSO)
Authentication mechanism allowing users to access multiple applications with one login. Federated SSO (SAML, OIDC) — IdP …
Access Management (AM)
Discipline of granting and enforcing access to resources after identity has been established. Encompasses authentication …