Federation

Federation is the arrangement that lets one identity system trust another, so a single identity can be used across organizational or platform boundaries. It's the machinery underneath single sign-on: rather than each application holding its own copy of your credentials, applications federate to a central identity provider that vouches for who you are.

A common practical example: an organization on Microsoft 365 that also runs a Google tenant can federate the two, so people authenticate through one without maintaining separate logins for the other. Both Microsoft and Google support this, and there are step-by-step guides for setting it up — you don't necessarily need a full third-party SSO platform to benefit.

Federation, built on standards like SAML and OIDC, is what makes an identity-first model possible: authentication based on a trusted identity rather than a pile of independent username-and-password pairs.