Explain the concept of Federated Services
In this, we will learn about the concepts of federated services.
Federation enables access to services across organizational or domain boundaries by establishing trust relationships between the respective domains' identity providers (IdPs). With Federated Services, a user does not need to maintain a separate username and password to access resources in another domain.
Federation scenario
- Firstly, the website uses the authentication services of IdP-A.
- Secondly, the user authenticates with IdP-B.
- Thirdly, IdP-A has a trust relationship configured with IdP-B.
- Lastly, when the user’s credentials are passed to the website, the website trusts the user and allows access.
Further, with federation, trust isn't always bidirectional. Although IdP-A may trust IdP-B and allow a user in domain B to access the website in domain A, the opposite isn't true unless a trust relationship is configured in that direction as well. An example of federation in practice is when a user logs in to a third-party site with a social media account, such as Twitter. In this scenario, Twitter is an identity provider. The third-party site might be using a different identity provider, such as Azure AD, so there is a trust relationship between Azure AD and Twitter.
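The scenario above (the website relying on IdP-A, the user authenticating with IdP-B, and IdP-A trusting IdP-B) and the one-way nature of that trust can be made concrete with a small simulation. The following is an added example, not code from the original page or from Microsoft: the `IdentityProvider` class, its users, keys and the HMAC-signed JSON token format are all constructed for illustration and stand in for a real SAML or OpenID Connect exchange. The code shows that a token from IdP-B is accepted by a website that defers to IdP-A only because A has been configured to trust B, that the reverse direction is refused until the reverse trust is configured, and that a tampered token is rejected regardless of trust.

```python
import base64
import hashlib
import hmac
import json
import time


class IdentityProvider:
    """Toy identity provider (constructed for this example).

    It authenticates its own users, issues signed tokens, and validates
    tokens issued either by itself or by an IdP it has been configured
    to trust. Tokens are HMAC-signed JSON, not a real federation format.
    """

    def __init__(self, name, signing_key, users):
        self.name = name
        self._key = signing_key       # constructed secret; a real IdP would use a key pair
        self._users = users           # username -> password, demo data only
        self._trusted = {}            # issuer name -> key used to verify that issuer's tokens

    def trust(self, other):
        """Configure a ONE-WAY trust: this IdP will accept tokens issued by `other`."""
        self._trusted[other.name] = other._key

    def authenticate(self, username, password):
        """Check local credentials and issue a signed token, or return None on failure."""
        if self._users.get(username) != password:
            return None
        claims = {"iss": self.name, "sub": username, "iat": int(time.time())}
        payload = base64.urlsafe_b64encode(
            json.dumps(claims, sort_keys=True).encode()
        ).decode()
        sig = hmac.new(self._key, payload.encode(), hashlib.sha256).hexdigest()
        return f"{payload}.{sig}"

    def validate(self, token):
        """Return the token's claims if the issuer is this IdP or a trusted IdP
        and the signature verifies; otherwise return None."""
        try:
            payload, sig = token.split(".")
            claims = json.loads(base64.urlsafe_b64decode(payload))
        except ValueError:
            return None
        issuer = claims.get("iss")
        key = self._key if issuer == self.name else self._trusted.get(issuer)
        if key is None:
            return None   # unknown issuer: no trust relationship configured
        expected = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, sig):
            return None   # signature mismatch: token was altered or forged
        return claims


def website_allows(website_idp, token):
    """The website itself never checks passwords; it defers the decision
    to its own IdP, which applies the configured trust relationships."""
    return website_idp.validate(token) is not None


def federation_demo():
    """Walk through the scenario from the text and return each access decision."""
    idp_a = IdentityProvider("IdP-A", b"constructed-key-a", {"alice": "pw-a"})
    idp_b = IdentityProvider("IdP-B", b"constructed-key-b", {"bob": "pw-b"})
    idp_a.trust(idp_b)                       # IdP-A trusts IdP-B (one direction only)

    token_b = idp_b.authenticate("bob", "pw-b")      # user authenticates with IdP-B
    token_a = idp_a.authenticate("alice", "pw-a")

    results = {
        # Domain-B user reaching the website in domain A: allowed via the trust.
        "b_user_into_site_a": website_allows(idp_a, token_b),
        # Domain-A user reaching a site in domain B: refused, B does not trust A.
        "a_user_into_site_b_before": website_allows(idp_b, token_a),
        # A token whose signature was altered in transit is rejected.
        "tampered_token": website_allows(idp_a, token_b[:-1] + ("0" if token_b[-1] != "0" else "1")),
        # Wrong password at IdP-B: no token is issued at all.
        "bad_password_issues_token": idp_b.authenticate("bob", "wrong") is not None,
    }
    idp_b.trust(idp_a)                       # now configure the reverse trust
    results["a_user_into_site_b_after"] = website_allows(idp_b, token_a)
    return results


if __name__ == "__main__":
    for check, allowed in federation_demo().items():
        print(f"{check}: {'allowed' if allowed else 'denied'}")
```

The important design point is that the website holds no credentials and no trust table of its own: the access decision belongs to the website's IdP, and the trust relationship is explicit configuration (`trust()`), so a missing entry in one direction is a deny by default rather than an implicit acceptance.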
Reference: Microsoft Documentation