Thursday, August 13, 2020
Identity federation is a system to integrate or handle the authentication and access control between multiple IdPs and SPs.
Example, an organization employee, Dave, needs to work with multiple applications provided by his own organization and also different organizations. Say, one of the external application is LinkedIn Learning. In the meantime, LinkedIn Learning also provides their service to multiple organizations.
Dave could login to LinkedIn Learning using his company's email or his company account. How this works? By implementing identity federation.
Identity federation establish the trust relationship between the IdP, that could be Azure AD from Dave's organization, and the SP, which is LinkedIn Learning in this case.