What is Federated Identity?

Federated Identity is an approach to identity management that allows one organization to grant or deny access to its protected resources based on digital identities managed by another [trusted] organization. The key point is that the resource provider relies on an externally managed identity, rather than creating another locally managed identity for the subject requesting access.

Wikipedia defines it as follows.

Federated identity, or the ‘federation’ of identity, describes the technologies, standards and use-cases which serve to enable the portability of identity information across otherwise autonomous security domains. The ultimate goal of identity federation is to enable users of one domain to securely access data or systems of another domain seamlessly, and without the need for completely redundant user administration.

Federated Identity can reduce IT costs, improve user experience, and increase security in collaborative environments.

1. The IT department of the resource provider does not have to create accounts, invest in account life-cycle management, or pay Help Desk costs to reset passwords for external users who are not even members of the organization.

2. External users do not have to wait for the resource provider’s IT department to create accounts before they can begin working on the project. They can log on once for access to local and remote resources rather than having to remember a different ID and password for every collaborative project they work on.

3. Access control decisions are based on fresh knowledge of the authorization status of external users. If an external user is terminated, there is no stale account at the resource provider that could be misused to gain unauthorized access.
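
The following Python example is added here and is not from the original post. It models point 3: the resource provider keeps no local account and accepts only unexpired assertions from a trusted issuer, so termination at the home organization ends access once any outstanding assertion expires. The issuer name, key, five-minute lifetime, and the use of HMAC in place of the asymmetric signatures that real federation protocols use are assumptions.

```python
import hashlib
import hmac
import json
import time

# Constructed trust setup: issuers this resource provider trusts, each with the
# key agreed at federation time. HMAC is an assumption standing in for the
# issuer's asymmetric signature.
TRUSTED_ISSUERS = {"idp.partner.example": b"constructed-demo-key"}


class IdentityProvider:
    """Home organization: the only place the user's account lives."""

    def __init__(self, name, key, ttl=300):
        self.name, self.key, self.ttl = name, key, ttl
        self.active_users = set()

    def issue_assertion(self, user, now=None):
        if user not in self.active_users:
            raise PermissionError(f"{user} is not active at {self.name}")
        now = time.time() if now is None else now
        claims = json.dumps(
            {"iss": self.name, "sub": user, "exp": now + self.ttl}
        ).encode()
        return claims, hmac.new(self.key, claims, hashlib.sha256).hexdigest()


def resource_provider_authorize(assertion, now=None):
    """Resource provider: no local account table, only issuer trust."""
    claims_bytes, signature = assertion
    try:
        claims = json.loads(claims_bytes)
        issuer = claims["iss"]
        key = TRUSTED_ISSUERS[issuer]
    except (ValueError, KeyError, TypeError):
        return False  # malformed, or issuer is not a trusted organization
    expected = hmac.new(key, claims_bytes, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signature):
        return False  # forged or tampered assertion
    now = time.time() if now is None else now
    return now < claims["exp"]  # expired assertions are refused


if __name__ == "__main__":
    idp = IdentityProvider("idp.partner.example",
                           TRUSTED_ISSUERS["idp.partner.example"])
    idp.active_users.add("alice")
    print(resource_provider_authorize(idp.issue_assertion("alice")))
```

The assertion lifetime bounds how long a terminated user can keep using an assertion that was issued before termination.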

4 Responses so far »

  1.

    Mike Jones said,

    May 2, 2007 @ 12:46 am

    Welcome to the blogosphere, Don! I welcome your thoughtful, “less is more” contributions to come…

    – Mike

  2.

    Mike Jones: self-issued » Don Schmidt’s Insights on Federation said,

    May 2, 2007 @ 10:56 am

    [...] What is Federated Identity? [...]

  3.

    Marc Goodner said,

    October 7, 2008 @ 4:57 pm

    testing… only testing…

  4.

    des on Federated Identity … less is more » Blog Archive » Harmonized Federation Metadata for WS-Federation and SAML said,

    October 28, 2008 @ 12:46 am

    [...] fundamental purpose of federated identity is to enable subjects to use identities managed in one realm to gain authorized access to resources [...]
