Federated identity management is an arrangement between multiple organisations or systems that allows users to use a single set of credentials to access resources across different security domains. It relies on trust relationships and standardised protocols such as SAML, OAuth 2.0 and OpenID Connect to securely share identity information between an identity provider (IdP) and service providers without transmitting passwords across organisational boundaries.
For organisations managing compliance across multiple platforms and cloud services, federated identity management simplifies access governance, reduces password fatigue and improves security by centralising authentication and enabling consistent enforcement of policies like multi-factor authentication. It is a key enabler for Zero Trust architectures and supports compliance with ISO 27001 access control requirements by providing a clear, auditable trail of who accessed what and when.