Security Token Service is a Web Service (WS) Trust-based token service that allows for policy-driven trust brokering and secure identity propagation and token exchange between Web Services.
Security Token Service can be deployed as a Security and Identity Service and used to simplify the integration of distributed or federated Web services within an enterprise and its service providers.
Note:
Security Token Service is primarily based on the OASIS WS-Trust protocol but it also delegates the processing of other WS-* protocols present in the SOAP message.
Security Token Service brokers trust between a Web Service Consumer (WSC) and a Web Service Provider (WSP) and provides security token lifecycle management services to both. It allows for the use of various federation protocols like SAML, WS-Federation, Liberty, or OpenID.The Oracle Access Management Security Token Service (Security Token Service) is deployed with Access Manager and must be activated as a service.