or how to share with complete confidence
Identity federation is a simple tool that organisations can use to share information about users. The aim is to let users navigate between different services after authenticating just once with a trusted third party that guarantees their identity.
It works by exchanging identity tokens and is based on two founding principles: a reliance on shared, recognised standards such as SAMLv2, OAuth2, OpenID Connect, and WS-Federation; and a separation of responsibilities between Identity Providers (IdP) and Service Providers (SP).
Identity federation allows you to control users’ access based on the trust relationships established, the validity of the presented identity, and authentication with the trusted partner. Users thus access their applications and services transparently, without re-authenticating, thanks to the now tried and tested principles of Single Sign-On (SSO).
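The trust decision described above, as an added example (not code from the original page or from any product): a service provider accepts an identity token only if it comes from an IdP it has a trust relationship with, carries a valid signature, names this SP as its audience and has not expired. The issuer URL, audience, key and token layout are constructed for illustration, and an HMAC shared key stands in for the asymmetric signatures that SAMLv2 and OpenID Connect deployments typically use.

```python
import base64, hashlib, hmac, json

# Constructed trust store: one IdP this SP has a federation agreement with.
TRUSTED_IDPS = {"https://idp.partner.example": b"constructed-demo-key"}
SP_AUDIENCE = "https://sp.example/app"  # hypothetical identifier of this SP

def b64url(data):
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(issuer, key, subject, audience, now, lifetime=300):
    """IdP side: vouch for a user it has just authenticated."""
    claims = {"iss": issuer, "sub": subject, "aud": audience,
              "exp": now + lifetime}
    body = b64url(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return body + "." + b64url(sig)

def accept_token(token, now):
    """SP side: return (subject, None) on success or (None, reason)."""
    try:
        body, sig = token.split(".")
        claims, given = json.loads(b64url_decode(body)), b64url_decode(sig)
    except ValueError:
        return None, "malformed"
    if not isinstance(claims, dict):
        return None, "malformed"
    iss = claims.get("iss")
    key = TRUSTED_IDPS.get(iss) if isinstance(iss, str) else None
    if key is None:  # no trust relationship with whoever issued this
        return None, "untrusted issuer"
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):
        return None, "bad signature"
    # Claims are only believed from here on, after the signature check.
    if claims.get("aud") != SP_AUDIENCE:  # token minted for another SP
        return None, "wrong audience"
    if now >= claims.get("exp", 0):
        return None, "expired"
    return claims.get("sub"), None

if __name__ == "__main__":
    idp = "https://idp.partner.example"
    tok = issue_token(idp, TRUSTED_IDPS[idp], "alice", SP_AUDIENCE, now=1000)
    print(accept_token(tok, now=1100))   # accepted
    print(accept_token(tok, now=2000))   # past expiry
```

The audience check is what stops a token issued for one partner service from being replayed against another SP that trusts the same IdP.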
There are a huge number of implementations and use cases for identity federation, including:
- In finance: open up your information system to partners in total security, make compliance with regulations like PSD2 (DSP2) easier, simplify authentication procedures, and industrialise the connection of services to an identity federation platform.
- In the media: make users’ service registration and authentication journeys uniform, and create interfaces with social networks to enable the use of third-party digital identities.
- In retailing and distribution or industry: control connections to Cloud applications like GSuite or O365 and access by any user, whatever their uses and working contexts.
- In the government sector: ensure simpler relationships between citizens and government agencies by making it easier to register for and access e-services, and offer the use of national identity providers such as those provided via FranceConnect.
Identity federation must therefore be regarded as a key component of a comprehensive IAM strategy!