The IT Law Wiki

Definition[]

An identity federation is a group of institutions and organizations that sign up to an agreed set of policies for exchanging information about users and resources to enable access and use of the resources.

Identity Federations (or Federations) are based upon the principle that a user's authentication is undertaken by their home organization (their identity provider, or IdP), and that a resource (a service provider, or SP) trusts what the home organization states about that user.

A user is typically characterized by identity information (attributes) that is exchanged between the user's home organization and the service the user requests. The service uses the information received from the user's home organization in combination with other information (for example user ID and password) known about the user to authorize access.