In addition to contract terms, a Technical federation also provides a central service that acts as a clearinghouse for identity operations. It routes authentication requests from the service back to the requester’s chosen identity provider, translating protocols as needed. The existence of a central service lowers the technical and administrative costs of participating in the network. For contrast, a federation network where the participants connect directly with one another rather than going through a central clearinghouse is called a Mesh.
Examples: WAYF provides federated single sign-on to Denmark’s higher education, research institutions, and libraries.
When to Use: A large entity is available to act as an identity clearing house.
Advantages: Encourages use of digital identity by providing a central clearinghouse for authentication. Service providers only need to integrate with a single identity provider. Requesters can choose from a variety of identity providers.
Disadvantages: Requires substantial investment that may only be available to very large institutions or states.
Ability to Scale: Can scale to support national identity programs.