A security token service (STS) is the service component that builds, signs, and issues security tokens. It can issue Kerberos, RSA, X.509, SAML 1.1, and SAML 2 tokens, or it can issue custom tokens. You can use a cloud STS such as a LiveID STS or a pre-built STS such as Active Directory® Federation Services (AD FS) 2.0. If you want to issue custom tokens or provide custom authentication or authorization, you can build your own custom STS using Windows Identity Foundation (WIF). AD FS 2.0 is itself built on WIF. WIF makes it easy to build your own STS, and it also provides extensibility points for implementing your own authentication logic based on your business requirements.

This section contains topics that discuss building a Security Token Service (STS).

  1. Building an STS

  2. How to: Build an ASP.NET STS

  3. How to: Build a WCF STS

  4. Claims Issuance Pipeline

  5. WIF Tracing

  6. What is an IP-STS and what is a RP-STS?