Oracle Security Token Service

Oracle Security Token Service is an enterprise-level solution that facilitates Token exchange, Identity propagation and end-to-end Security across web services through a Token based identity.  It provides the foundation to the current security infrastructure to facilitate a consistent and streamlined model for token acquisition and token validation that is protocol and security infrastructure agnostic.

Oracle Security Token Service is a Web Service (WS) Trust-based token service that allows for policy-driven trust brokering and secure identity propagation and token exchange between Web Services. Oracle Security Token Service can be deployed as a Security and Identity Service needed to simplify the integration of distributed or federated Web services within an enterprise and its service providers.

The benefits mainly includes:

• Decoupling web applications and  web services from the authentication mechanism through a centralized trust broker
• Facilitates web services to support multiple credential types through token translation mechanism.
  
• Supports scenarios where users are authenticated by their domain and granted access to web service resources in another domain
  
• Facilitates identity propagation scenarios where the authenticated user is granted access to downstream web services.