The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Federated identity

Federated identity allows a set of service providers to agree on a way to refer to a single user, even if that user is known to the providers in different guises.

Most commonly now, federated identity is achieved through the linking together of the user's several accounts with the providers. This allows the user to get more personalized service without centrally storing personal information. Also, it gives the user fine control over when and how their accounts and attributes are linked and shared, allowing for greater control over their personal data. In practice, this means that users can be authenticated by one company or web site and be recognized and delivered personalized content and services in other locations without having to re-authenticate or sign on with a separate username and password.

A federated identity is one that is both portable and potable, that is, it can be transported and consumed across autonomous domains or business boundaries. Effective identity federation benefits both users and enterprises - providing principals with a smooth, cross-domain browsing experience through single sign-on (SSO) and allowing enterprises to make available its resources to a class of users without the associated administrative costs.

 

See also this:

- SAML V2.0 glossary
- SAML Executive Overview
- SAML Technical Overview

 

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I