WS-Federation federations

The Federation Module supports WS-Federation federations.

WS-Federation is a protocol used to accomplish federated single sign-on from identity providers to service providers. Users authenticate at identity provider. Service providers use the identity information asserted by identity providers.

WS-Federation protocol defines a standardized, multi-vendor web-based single sign-on solution based on a collection of integrated Web Services (WS*) standards such as WS-Security, WS-Trust, and WS-Federation.

Review the WS-Federation standards documents before you implement a single sign-on federation. The standards specify data exchange and message processing. Understand what information we must provide to our business partners, and what information the partner must provide to you.

• Identity provider and service provider roles
  Each partner in a federation has a role. The role is either Identity Provider or Service Provider.
• Create a WS-Federation federation
  To create a federation, review the configuration properties, run the configuration wizard, and configure a reverse proxy for the federation.
• Create a WS-Federation partner
  Create a federation partner by reviewing the configuration properties and then running the local management interface wizard on the appliance.
• Excluding elements from a WS-FED Request Security Token Response
  

Parent topic: Federation configuration