Category Archives: STS

A security token service (STS) is a software based identity provider responsible for issuing security tokens as part of a claims-based identity system. In a typical usage scenario, a client requests access to a secure software application, often called a relying party.

– definition from wikipedia

Create your own passive STS

In the following example i will show how to build a passive security token service (IP-STS) that issues tokens using WS-Federation. This post builds on work done in a previous post,  Create your own active STS. a complete working copy of the passive sts skeleton with full source is downloadable from here. The image below covers all… Read More »

Creating your own Active STS

The following example uses an active security token service (A-STS) that issues tokens using the WS-Trust standard. The type of STS discussed in this post is called a Active STS OR A-STS, it refers to the client that is actively in control of its own authenticated state. This client will typically have its own login window build into the… Read More »