3.2.5.4.2.5 SecurityToken

The server MUST generate the value of the <SecurityToken> element as specified in [MS-MWBF], using the data cached in the <latToken> element to generate the claims for the user. Once the security token is generated, the value MUST be Base64-encoded.