Confirms identity before access.
Important factors:
o Convenience , Sources, Protocols , Assurance.
Federation allows trusted domains to share authentication.
Protocols: SAML, WS-Fed, OIDC.
Claims-based Identity: IdP sends claims (key/value pairs) inside tokens like JWTs.
Tokens:
o Access Token – grants access.
o Refresh Token – renews access.
o ID Token – proves identity.