Updated: January 22, 2010
Applies To: Active Directory Federation Services (AD FS) 2.0
In Active Directory Federation Services (AD FS) 2.0, a claims provider is a Federation Service responsible for collecting and authenticating a user's credentials, building up claims for that user, and packaging the claims into security tokens that the relying party uses to make authorization decisions.
A Federation Service in a claims provider role provides the following:
- A Web service that issues security tokens in a recognized format
- Administrators with the means to publish federation metadata that a relying party can retrieve
Adding a claims provider trust to AD FS 2.0 gives users of that claims provider access to the relying parties that are configured in AD FS 2.0. Each relying party application makes authorization decisions about a user by examining the claims that AD FS 2.0 provides. AD FS 2.0 uses the administrator-defined claim rules for a claims provider to determine what claims to issue about each user, based on the relying party that is involved.
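The following is an added example, not part of the original page, showing how a claims provider trust and its administrator-defined claim rules can be set up with the AD FS 2.0 PowerShell snap-in. The trust name, metadata URL and the partner.example e-mail suffix are placeholders; the first rule set is shown only for contrast with the constrained one that is actually applied.

```powershell
# AD FS 2.0 ships its cmdlets as a snap-in rather than a module.
Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction Stop

# Placeholder values (assumptions for this example, not taken from the page).
$trustName   = 'Partner Example'
$metadataUrl = 'https://sts.partner.example/FederationMetadata/2007-06/FederationMetadata.xml'

# Too broad: every claim the claims provider sends is accepted unchanged,
# so the partner decides what relying parties end up seeing.
# Shown for contrast only; it is not applied below.
$passEverything = @'
@RuleName = "Pass through all incoming claims"
c:[] => issue(claim = c);
'@

# Constrained: accept only the e-mail address claim, and only when its
# value ends in the partner's own suffix. Any other incoming claim is dropped.
$acceptanceRules = @'
@RuleName = "Accept e-mail only for the partner suffix"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
   Value =~ "^(?i).+@partner[.]example$"]
 => issue(claim = c);
'@

# Create the trust from the partner's published federation metadata and
# attach the constrained rule set.
Add-ADFSClaimsProviderTrust -Name $trustName `
    -MetadataUrl $metadataUrl `
    -AcceptanceTransformRules $acceptanceRules

# Review what was stored before users start signing in through this trust.
Get-ADFSClaimsProviderTrust -Name $trustName |
    Format-List Name, Identifier, Enabled, AcceptanceTransformRules
```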