For Security Token Service (STS) processing, these policies define configurations for handling WS-Trust requests and transferring identity information between security domains. For more information, see Web services standards.

IdP configuration

In an IdP role, use the administrative console to configure the WS-Trust request-processing policy for your SP partner, including:

  • The type of SAML token to create in response to an issue request from a web service client (WSC) application
  • The mapping of attributes to include within the issued SAML token
  • The key used to create a digital signature for the issued SAML token

SP configuration

In an SP role, use the administrative console to configure the WS-Trust request-processing policy for your IdP partner, including:

  • Whether to validate the incoming SAML token only, or to validate the incoming token and also issue a local token
  • The mapping of attributes to include in the locally issued token when applicable
  • The certificate used to verify the digital signature for the incoming SAML token
  • The key used to decrypt the incoming SAML token when needed