How claims, tokens, and the authentication process help to grant access to an application.
...
Sharing federation metadata
Using the RP’s public key, the STS encrypts the tokens
The RP uses the STS’s public key to verify tokens from the STS
The RP uses its private key to decrypt the token and extract the claims from it
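The three steps above as an added example, not code from the original page: the STS encrypts to the RP's public key and signs, and the RP verifies against the STS public key before decrypting with its own private key. `Token`, `newKey`, `Issue` and `Consume` are hypothetical names, keys are generated locally instead of being read from federation metadata, and direct RSA-OAEP on a small claim set stands in for the hybrid encryption real token formats use.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

type Token struct{ Ciphertext, Signature []byte } // constructed format for this example

// newKey makes a throwaway key pair; real public keys come from federation metadata.
func newKey() *rsa.PrivateKey {
	k, _ := rsa.GenerateKey(rand.Reader, 2048)
	return k
}

// Issue (STS side): encrypt the claims to the RP's public key, sign with the STS private key.
func Issue(sts *rsa.PrivateKey, rpPub *rsa.PublicKey, claims map[string]string) (Token, error) {
	plain, _ := json.Marshal(claims) // a map[string]string always marshals
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, rpPub, plain, nil)
	if err != nil {
		return Token{}, err // e.g. claim set too large for direct RSA-OAEP
	}
	sum := sha256.Sum256(ct)
	sig, err := rsa.SignPKCS1v15(rand.Reader, sts, crypto.SHA256, sum[:])
	return Token{ct, sig}, err
}

// Consume (RP side): verify with the STS public key, then decrypt with the RP private key.
func Consume(rp *rsa.PrivateKey, stsPub *rsa.PublicKey, t Token) (claims map[string]string, err error) {
	sum := sha256.Sum256(t.Ciphertext)
	if err = rsa.VerifyPKCS1v15(stsPub, crypto.SHA256, sum[:], t.Signature); err != nil {
		return nil, fmt.Errorf("token was not signed by the trusted STS: %w", err)
	}
	plain, err := rsa.DecryptOAEP(sha256.New(), nil, rp, t.Ciphertext, nil)
	if err != nil {
		return nil, fmt.Errorf("token was not encrypted for this RP: %w", err)
	}
	err = json.Unmarshal(plain, &claims)
	return claims, err
}

func main() {
	sts, rp := newKey(), newKey()
	tok, _ := Issue(sts, &rp.PublicKey, map[string]string{"name": "alice", "role": "reader"})
	fmt.Println(Consume(rp, &sts.PublicKey, tok))
}
```

A token signed by a different key, altered in transit, or encrypted for another RP comes back from `Consume` as an error, never as claims.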
...
Examples of an STS (Security Token Service): Azure AD and Okta.
Users don’t need to set up numerous accounts on various domains and enter their login information each time they need to access a service or application.
Claims-Based Authentication gives an RP a uniform methodology for authentication.
Tip |
---|
Claims-based authentication clearly separates identity providers from the applications consuming identity. |