
Federated SSO

By NHI Mgmt Group Updated June 11, 2026 Domain: Authentication, Authorisation & Trust

Single sign-on across multiple domains or organisations using a shared trust relationship between identity systems. It reduces repeated logins, but it can also mask stale permissions if lifecycle governance, access reviews, and revocation do not keep pace with the federated trust chain.

Expanded Definition

Federated SSO is a trust model that lets a user or workload authenticate once with an identity provider and then access multiple relying parties across organisational boundaries. The federation layer carries identity assertions, while each application still decides what the subject may do. In practice, the term is often used interchangeably with SSO, but that is incomplete: SSO describes the user experience, while federation describes the cross-domain trust relationship that makes it possible. Standards-based implementations commonly rely on SAML, OpenID Connect, or related token-based flows, and the NIST Cybersecurity Framework 2.0 remains a useful reference for access governance and ongoing control assurance.

Definitions vary across vendors when federated SSO is extended to NHIs, service accounts, and AI agents, because the authentication actor may be software rather than a person. NHI Management Group treats this as an identity governance problem, not just a login convenience feature, because trust must be paired with lifecycle control, revocation, and entitlement review. The most common misapplication is treating federation as a substitute for authorization and credential hygiene, which occurs when organisations assume the trust link alone keeps permissions current.

Examples and Use Cases

Implementing federated SSO rigorously often introduces governance overhead, requiring organisations to weigh smoother access against tighter identity lifecycle controls and dependency on the external identity provider.

  • A SaaS platform accepts a SAML assertion from a corporate identity provider, letting employees use one corporate login while the application enforces its own RBAC policies.
  • A partner organisation accesses a shared portal through federated trust, but access must be revoked immediately when the business relationship ends or the partner role changes.
  • An engineering team uses federated access for cloud consoles so engineers authenticate through the home directory, reducing local password sprawl while keeping audit trails centralised.
  • A machine-to-machine workflow uses federated identity to mint short-lived tokens for API access, aligned with Zero Trust expectations and reduced secret reuse.

For NHI-heavy estates, federation should be designed alongside secret storage and rotation practices described in the Ultimate Guide to NHIs. When organisations federate access for service accounts or agents, the same trust chain needs continuous review, because a valid assertion does not guarantee a current business need.

Why It Matters in NHI Security

Federated SSO becomes a security issue when it masks stale entitlements behind a trusted login path. In NHI environments, the real risk is not only compromised credentials, but also over-broad access that persists after a service is retired, a vendor contract ends, or an agent is repurposed. NHI Management Group notes that 97% of NHIs carry excessive privileges, and 91.6% of secrets remain valid five days after notification, showing how often revocation lags behind operational change. Federation can speed up access, but it can also widen the blast radius if access reviews are weak. The same concern appears in the Ultimate Guide to NHIs, which emphasises lifecycle governance, visibility, and offboarding as core controls.

For security teams, the priority is to bind federated trust to explicit expiry, least privilege, and rapid deprovisioning of both human and non-human identities. Organisations typically encounter the cost of federated SSO only after a partner account, dormant service principal, or AI agent is used outside its intended scope, at which point addressing the trust chain becomes operationally unavoidable.
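The two-stage check this entry describes (validate the identity provider's assertion, then apply the relying party's own authorization with lifecycle status and review age, so expiry, least privilege and deprovisioning are enforced together rather than assumed from the trust link) as an added Python example; it is not the page's or NHI Management Group's code, and the IdP key, issuer, audience, subjects and entitlement inventory are constructed.

```python
import base64, hashlib, hmac, json
# Added example, not the page's own code: a relying party validates a federated
# assertion (HS256 JWT so the demo is self-contained; real IdPs sign with
# asymmetric keys), then applies its OWN entitlement and lifecycle check.
IDP_KEY = b"demo-shared-secret"                          # constructed
ISSUER, AUDIENCE = "https://idp.example", "api.example"  # constructed

def _b64e(raw): return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
def _b64d(s): return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def mint_token(sub, ttl, now, aud=AUDIENCE):  # IdP side (constructed): short-lived assertion
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps({"iss": ISSUER, "aud": aud, "sub": sub, "iat": now, "exp": now + ttl}).encode())
    sig = hmac.new(IDP_KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"

def verify_assertion(token, now):  # relying party: signature, issuer, audience, expiry
    head, body, sig = token.split(".")
    expect = hmac.new(IDP_KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expect, _b64d(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_b64d(body))
    if claims.get("iss") != ISSUER or claims.get("aud") != AUDIENCE:
        raise ValueError("wrong issuer or audience")
    if now >= claims.get("exp", 0):
        raise ValueError("assertion expired")
    return claims

# Local inventory (constructed). Federation proves WHO; this records WHAT the subject
# may do and whether the grant is still current (status, epoch time of last review).
ENTITLEMENTS = {
    "svc-billing":  {"roles": {"invoice:read"}, "status": "active",  "reviewed": 1_700_000_000},
    "svc-legacy":   {"roles": {"invoice:read"}, "status": "retired", "reviewed": 1_700_000_000},
    "agent-report": {"roles": {"invoice:read"}, "status": "active",  "reviewed": 1_600_000_000},
}
MAX_REVIEW_AGE = 90 * 86400  # recertify at least every 90 days

def decide(token, action, now):  # trusted assertion AND a current, least-privilege grant
    try:
        claims = verify_assertion(token, now)
    except ValueError as e:
        return False, f"assertion rejected: {e}"
    ent = ENTITLEMENTS.get(claims["sub"])
    if ent is None or ent["status"] != "active":
        return False, "subject not active in local inventory"  # retired or never onboarded
    if now - ent["reviewed"] > MAX_REVIEW_AGE:
        return False, "entitlement review overdue"              # stale grant: recertify first
    if action not in ent["roles"]:
        return False, "action not permitted by local RBAC"
    return True, "allowed"
```

Note that `svc-legacy` still receives a perfectly valid assertion from the IdP; only the local inventory's lifecycle status stops it, which is the gap federation alone leaves open.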

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework                        | Control / Reference | Relevance
---------------------------------|---------------------|-------------------------------------------------------------------------------
NIST CSF 2.0                     | PR.AC-1             | Federated SSO depends on managed identities and verified access relationships.
NIST Zero Trust (SP 800-207)     | SP 800-207          | Federation must still assume no implicit trust after authentication.
OWASP Non-Human Identity Top 10  | NHI-02              | Federation can hide stale NHI permissions and weak lifecycle revocation.

Inventory federated identities and enforce access based on verified trust relationships.

NHIMG Editorial Note
Reviewed and updated by the NHIMG editorial team on June 11, 2026.