Web Services Security (WSS, also WSSE) is a set of specifications defined by the Web Services Security Technical Committee (see www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss) at the OASIS standards organization. WSS defines the XML extensions that can be used to secure web service invocations, providing a standard way for partners to add message integrity and confidentiality to their web service interactions. The WSS-defined token profiles describe standard ways of binding security tokens to these messages, enabling a variety of additional capabilities. The WSS technical committee has defined profiles for using SAML assertions, Username, Kerberos, X.509, and other existing security tokens. SSL/TLS is often used in conjunction with deployments of WSS.


The implementation of WSS in the deployment of web services identity federations is outside the scope of PingFederate, which provides a standalone, standard means of handling the tokens needed for such federations (see WS-Trust).

WSS token transfer
WSS token transfer flow diagram