The following topics provide an overview about Token Service partners and partner profiles:
A Token Service partner represents a partner trusted by the Security Token Service.
Table 46-1 describes the partner types.
Table 46-1 Security Token Service Partners
Partner Type | Description |
---|---|
Requester |
Represents a Web Service Client interacting directly with Security Token Service in order to issue or validate tokens |
Relying Party |
References a Web Service Provider that will be the recipient of tokens issued by the Security Token Service server |
Issuing Authority |
Represents an Assertion issuer. When validating an Assertion, its issuer must be a known Issuing Authority Partner entry in Security Token Service |
Table 46-2 describe the Security Token Service that can interact with client types.
Table 46-2 Security Token Service Clients
Client Type | Description |
---|---|
Web Service Client |
Modules defined as requester partners in Security Token Service (typically SOAP clients). |
End users |
End users are not defined as requester partners, but possibly present in the User Identity Store. |
A Partner Profile contains configuration properties that are common to a set of partners, and each partner entry is associated to a Partner Profile.
Similar to the partners, there are three types of partner profiles: Requester, and Issuing Authority Partner Profiles.
Requester Profile
Relying Party Profile
Issuing Authority Partner Profile
Security Token Service Partner Entries include Certificates, Reference, and Reference only.
Table 46-3 describes a partner entry:
Table 46-3 Security Token Service Partner Entry
Partner Entry | Description |
---|---|
Certificates |
Signing and Encryption Certificates |
Reference |
Reference to a Partner Profile |
Requester only |
When the partner is a Requester, the partner entry also contains Username Token credentials, and Identification strings used to map incoming data to a requester. |
Security Token Service partner profile data includes requester, Relying Party, and Issuing Authority.
Table 46-4 describes a partner profile entry.
Table 46-4 Security Token Service Partner Profile Data
Client Type | Description |
---|---|
Requester |
|
Relying Party |
|
Issuing Authority |
|