Single Sign-On Service › SSO Getting Started Guide › SSO Service Tasks and Features › WS-Trust Claims Retrieval and Transformation

WS-Trust Claims Retrieval and Transformation

As an Identity Provider, the SSO service supports the transformation of claims in an assertion through a Security Token Service (STS). Security tokens can carry claims, which are attributes about a user. The ability to change claims through a Security Token Service enables SSO to endpoints with varied applications.

The STS is a third-party service that acts as the bridge between the IdP and the site with the target resources. The SSO service, acting as the IdP, can perform the following actions:

• Transform claims from the inbound claim to a corresponding outbound claim.
• Add claims to an assertion.
• Delete claims from an assertion.

As a tenant administrator, you can request the following services:

• STS access for a particular STS client. The SSO service can support claims transformation for SAML 1.1, SAML 2.0, and WS-Federation.
• Addition of a WS-Trust application to the user console.