Federation is an identity setup where one trusted directory or identity provider coordinates access to multiple services. Instead of creating separate local accounts everywhere, a user signs in once and the service accepts that identity through a trust relationship, often using protocols such as SAML or OpenID Connect. This is common in enterprise security because it simplifies login, centralizes policy, and makes offboarding or password resets easier to manage.
In cyber security, federation is powerful but sensitive: if the identity provider, trust configuration, or signing keys are compromised, an attacker may gain access across many connected systems at once. Misconfigured federation can also expose privileged roles, fail to enforce multifactor authentication, or leave stale trusts active after a vendor or tenant changes. Defenders use federation to strengthen access control, but they must monitor federation settings, protect certificates and tokens, and review which applications and admin roles are trusted through the shared identity layer.