After you enable the protocol, you must identify the STS server with a unique federation identifier for both SAML 2.0 and SAML 1.1 tokens, unless these IDs are already established for the corresponding browser-based single sign-on protocols.

In addition, also within these server settings tasks, you have the option to require authentication globally for access to STS endpoints.