The Secret Security Wiki


Federated Identity Management

Federated Identity Management is the set of tools and processes through which two or more identity federation parties can establish mutual trust and allow one party to attest to another about the identity of an access-requesting party it has authenticated.

FIM is an arrangement of trust between companies or service providers to use the same identification data to access networks or services, linking a user's identity across security domains.

  • Does federated identity management (FIM) rely on token credentials?

    FIM itself does not deal with the question of how a user is authenticated – it deals with the question of establishing trust between an authenticating party and a relying party to allow the authenticating party to attest to the fact that it authenticated someone or something.

  • Is OpenID a form of federated Identity?

    OpenID is a form of identity federation that is widely adopted for federating identities across web applications/services.

  • How does federated identity management architecture work?

    At a high level, a FIM architecture includes an authenticating party, often called an identity provider (IdP), and a relying party that accepts attestations from the identity provider about a client (a user or device) it has authenticated. The client authenticates with the IdP, and the IdP provides an attestation that the relying party accepts, which replaces the need for the relying party to independently authenticate the client.
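
The IdP-to-relying-party flow described above, as an added example that is not part of the original wiki entry: the IdP signs an attestation after authenticating the client, and the relying party checks issuer trust, signature, audience and validity window instead of authenticating the client itself. All names, URLs and the key are constructed, and an HMAC over a pre-shared key stands in for the asymmetric signatures that SAML or OpenID Connect deployments typically use.

```python
import base64, hashlib, hmac, json

# Constructed demo values (assumptions, not from the page).
IDP = "https://idp.example"
RP = "https://app.example"
TRUSTED_IDPS = {IDP: b"constructed-demo-key"}  # trust set up out of band

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def sign(key: bytes, body: str) -> str:
    return b64(hmac.new(key, body.encode(), hashlib.sha256).digest())

def idp_attest(issuer, key, subject, audience, now, ttl=300):
    """IdP side: run only after the IdP has authenticated the client."""
    claims = {"iss": issuer, "sub": subject, "aud": audience,
              "iat": now, "exp": now + ttl}
    body = b64(json.dumps(claims, sort_keys=True).encode())
    return body + "." + sign(key, body)

def rp_accept(token, now, trusted=TRUSTED_IDPS, audience=RP):
    """Relying party side: return the attested subject or raise ValueError."""
    try:
        body, sig = token.split(".")
        claims = json.loads(base64.urlsafe_b64decode(body))
    except ValueError as exc:
        raise ValueError("malformed attestation") from exc
    if not isinstance(claims, dict) or not isinstance(claims.get("iss"), str):
        raise ValueError("malformed attestation")
    key = trusted.get(claims["iss"])  # only pre-trusted IdPs have a key here
    if key is None:
        raise ValueError("issuer not trusted")
    if not hmac.compare_digest(sign(key, body).encode(), sig.encode()):
        raise ValueError("bad signature")
    if claims.get("aud") != audience:  # attestation minted for another RP
        raise ValueError("wrong audience")
    if not claims["iat"] <= now < claims["exp"]:
        raise ValueError("outside validity window")
    return claims["sub"]
```

The audience and validity checks matter as much as the signature: without them, a valid attestation issued for one relying party could be replayed at another, or reused long after the original authentication.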