Relying party

A relying party (RP) is a computer term used to refer to a server providing access to a secured software application.

Claims-based applications, where a claim is a statement an entity makes about itself in order to establish access, are also called relying party (RP) applications. RPs can also be called “claims aware applications” and “claims-based applications”. Web applications and services can both be RPs.[1]

With a Security Token Service (STS), the RP redirects clients to an STS which authenticates the client and issues it a security token containing a set of claims about the client's identity, which it can present to the RP. Instead of the application authenticating the user directly, the RP can extract these claims from the token and use them for identity related tasks.[2]

The OpenID standard defines a situation whereby a cooperating site can act as an RP, allowing the user to log into multiple sites using one set of credentials. The user benefits from not having to share their login credentials with multiple sites, and the operators of the cooperating site avoid having to develop their own login mechanism.[3]

An application demonstrating the concept of relying party is software running on mobile devices, which can be used not only for granting user access to software applications, but also for secure building access, without the user having to enter their credentials each time.[4]

  1. ^ "Relying party". Microsoft Developer Network. Retrieved 2013-05-28.
  2. ^ "About Relying Party STSs". Microsoft Developer Network. Retrieved 2019-07-26.
  3. ^ "Benefits of OpenID". OpenID.net. 7 August 2009. Retrieved 2013-05-28.
  4. ^ "MicroStrategy's office of the future includes mobile identity and cybersecurity". WashingtonPost.com. 2014-04-14. Retrieved 2013-05-28.