The Secret Security Wiki

Federated Identity

Federated Identity is the means by which an authenticating party can attest to a third party that it has successfully authenticated someone or something. The third party accepts the attestation provided by the authenticating party based on mutual trust previously established between the parties and, as a result, waives the requirement to authenticate the access-requesting party itself.

  • What is federated identity?

    A Federated Identity is an attestation produced by an authenticating party that verifies the identity of an access-requesting party to a third party.

  • What is the difference between federated identity and SSO?

    SSO is an enterprise solution that allows users to authenticate once (typically once per session) and get access to all enterprise resources connected to the SSO system. To achieve this, multiple techniques are typically used behind the scenes, depending on which methods each resource supports.
    Federated Identity, on the other hand, is a solution used across enterprises, or across independently managed domains within an enterprise. It requires that two or more federated identity systems establish trust among themselves, so that one identity federation party can attest to another about the identity of an access-requesting party.
    In the future, when all enterprise resources support federated identity, there will be no need for an SSO solution.

  • What is federated authentication?

    Federated authentication means that an access-requesting party is authenticated based on an attestation provided by a trusted authenticating party. The attestation replaces the need to independently authenticate the access-requesting party.
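
The flow described above, as an added example that is not part of the original wiki: an authenticating party issues an attestation, and a relying party accepts it only from an issuer it already trusts, for itself as audience, and within its validity window. The issuer and application names, keys and claim layout are constructed for illustration, and HMAC with a pre-shared key stands in for the asymmetric signatures that federation protocols such as SAML and OpenID Connect use.

```python
import base64, hashlib, hmac, json, time

# Trust established out of band: the relying party's registry of authenticating
# parties and the key shared with each (constructed values, assumptions).
TRUSTED_ISSUERS = {"idp.partner.example": b"constructed-demo-key-0001"}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def issue_attestation(issuer, key, subject, audience, ttl=300, now=None):
    """Authenticating party: attest that `subject` was authenticated."""
    now = int(time.time()) if now is None else now
    claims = {"iss": issuer, "sub": subject, "aud": audience,
              "iat": now, "exp": now + ttl}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    tag = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return f"{body}.{tag}"

def accept_attestation(token, my_audience, now=None):
    """Relying party: return the subject if the attestation is acceptable."""
    now = int(time.time()) if now is None else now
    try:
        body, tag = token.split(".")
        claims = json.loads(base64.urlsafe_b64decode(body))
        # The issuer claim only selects which trusted key to verify with;
        # nothing else in the claims is used until the tag has been checked.
        key = TRUSTED_ISSUERS[claims["iss"]]
    except (ValueError, KeyError, TypeError) as exc:
        raise PermissionError("malformed token or untrusted issuer") from exc
    expected = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        raise PermissionError("signature mismatch")
    if claims.get("aud") != my_audience:
        raise PermissionError("attestation issued for a different party")
    if not claims.get("iat", now + 1) <= now < claims.get("exp", 0):
        raise PermissionError("attestation not valid at this time")
    return claims["sub"]
```

The relying party never sees the user's credentials; every rejection path raises `PermissionError`, so a caller that gets a subject back can skip its own authentication step.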