---
title: Identity mapping
description: Identity mapping is at the core of identity federation. One of the primary goals of SAML is to provide a way for an identity provider (IdP) to send a secure token, called the assertion, containing user-identity information that a service provider (SP) translates or maps to local user stores.
component: pingfederate
version: 13.1
page_id: pingfederate:introduction_to_pingfederate:pf_ident_mapp
canonical_url: https://docs.pingidentity.com/pingfederate/13.1/introduction_to_pingfederate/pf_ident_mapp.html
llms_txt: https://docs.pingidentity.com/pingfederate/llms.txt
docs_for_agents: https://developer.pingidentity.com/build-with-ai/docs-for-agents.md
revdate: July 5, 2022
section_ids:
  related-links: Related links
---

# Identity mapping

Identity mapping is at the core of identity federation. One of the primary goals of SAML is to provide a way for an identity provider (IdP) to send a secure token, called the assertion, containing user-identity information that a service provider (SP) translates or maps to local user stores.

For browser-based single sign-on (SSO), PingFederate enables two modes of identity mapping between domains: account linking and account mapping.

For WS-Trust security token service (STS), PingFederate uses account mapping.

See subsequent topics for more information about these identity mapping options.

## Related links

* [Supported standards](pf_supported_standards.html)