Digital Identity Guidelines: Federation and Assertions [including updates as of 12-01-2017]

Published: December 01, 2017

Author(s)

Paul A. Grassi, Ellen M. Nadeau, Justin P. Richer, Sarah K. Squire, James L. Fenton, Naomi B. Lefkovitz, Jamie M. Danker

Abstract

This document and its companion documents, SP 800-63, SP 800-63A, and SP 800-63B, provide technical and procedural guidelines to agencies for the implementation of federated identity systems and for assertions used by federations. This publication supersedes corresponding sections of SP 800-63-2. These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. This guideline focuses on the use of federated identity and the use of assertions to implement identity federations. Federation allows a given credential service provider to provide authentication and (optionally) subscriber attributes to a number of separately-administered relying parties. Similarly, relying parties may use more than one credential service provider. [Supersedes SP 800-63C (June 2017): https://www.nist.gov/publications/digital-identity-guidelines-federation- and-assertions]
Citation: Special Publication (NIST SP) - 800-63C
Report Number:
800-63C
Pub Type: NIST Pubs

Supersedes

Download Paper

Keywords

assertions, authentication, credential service provider, digital authentication, electronic authentication, electronic credentials, federations
Created December 01, 2017, Updated December 01, 2017