Federated identity management was an early driver behind the formation of the Liberty Alliance, and we have worked hard to understand the marketplace needs, create specifications that address real business issues, and drive convergence in this space. We believe that federation, when implemented well, can reduce costs, increase security, strengthen the user experience, and in many cases open doors for new business offerings. This has been proven to be the case repeatedly in Liberty-based deployments.

We have also recognized the importance of collaboration and the drive toward convergence in the identity industry, with an aim toward helping our members and their customers more easily, effectively, and successfully implement federated solutions that solve real business needs. As such, we submitted our final version of federation specifications, ID-FF 1.2, to OASIS for inclusion in SAML 2.0. Additionally, we developed support for SAML 2.0 in our Identity Web Services Framework standards, completing the cycle and offering a full solution to deployers.

Relationship between ID-FF, Shibboleth, and SAML2

We strongly support continued success in federated deployments, and focus much of our current work in federation focuses on the interoperability of commercial products through our Liberty Interoperable™ program, which includes SAML 2.0 conformance testing, and increasing marketplace understanding of federation.

Additional Resources

For an overview of the relationship between ID-FF, SAML2, and ID-WSF 2.0, please see the discussion in the Federation section of Strategic Initiatives.

Liberty Alliance ID-FF 1.2 Specifications:

Now more than one billion Liberty-enabled devices and identities


ID-FF 1.1 Interoperable Product Table

ID-FF 1.1 Interoperable Implementation Table

ID-FF 1.2 Interoperable Implementation Table

The initiatives put forth in the Liberty Alliance Project have applications in real-world scenarios.

Case Studies

This tutorial was created for developers looking for a quick entry point.

Liberty Quick Start

RSA Conference - Federated Identity: Evolving Past Industry Strife

Governments across the globe are adopting SAML 2.0 as the standard-of-choice in their federation solutions. This panel-based presentation is comprised of four case studies that provide an overview of current deployment scenarios and roadmaps governments have put in place for the wide scale deployment of SAML 2.0. Open standards are helping governments meet regional regulatory demands and vendors worldwide are helping to facilitate the adoption of SAML 2.0 technologies.

SAML 2.0 – Standard-of-choice in the Public Sector

SAML 2.0 vs WS-Fed comparison

XML School July 2007--Federated Identity Challenges/User Centricity

This presentation overviews Dynamic SAML, which aims to simplify federation connectivity for rapid secure SSO in a matter of seconds. Several use cases are presented that validate time and resource savings--as well as additional functionality achieved--through use of Dynamic SAML.

This presentation reviews Orange's Personal API, noting 7 of 10 in France already have an Orange Identity, which offers enhanced user capabilitieis as well as tremendous partner capabilities for ease of use and business options. Detailed use cases and flow diagrams are included, as well as reference to the SAML script utilized

BT's federated deployment supports 36M+ transactions per day, 150,000 employees and partners, and 8M online customers, with a 20M customer potential. This case study presentation explores the business drivers BT experienced and the positive results they are achieving, with an eye toward more federation projects in the future.

Rearden Personal Assistant leverages federation technology to help users find and purchase the services they need based on their preferences and company policies. As users schedule travel, dining reservations, corporate entertainment, package shipments, web conferences and other services, the Rearden Personal Assistant automatically updates their calendars and notifies them of any changes.

UNINETT’s simpleSAMLphp: Doing IDM the “Simple” Way

•  UNINETT FINAL9.08.pdf 407.41 kB