Relying Parties

Applies To: Active Directory Federation Services (AD FS) 2.0

In Active Directory Federation Services (AD FS) 2.0, a relying party is a Federation Service or application that consumes claims in a particular transaction. Claims that originate from a claims provider can be presented and consumed by the relying party.

A Federation Service or application in a relying party role:

  • Acts as a Web service that can request a set of claims from a trusted claims provider.

  • Consumes the claims that it receives from its configured claims provider.

The role of relying parties in federation

When AD FS 2.0 is configured in the role of the relying party, it acts as a partner that trusts a claims provider to authenticate users. Therefore, the relying party consumes the claims that are packaged in security tokens that come from users in the claims provider.

Typically, the Federation Service in the relying party role uses the security tokens that the claims provider produces to issue tokens to the Web servers that are located in the same organization.

To function as a relying party application for AD FS 2.0, the relying party Web server must have either the Windows Identity Foundation (WIF) platform installed or the AD FS 1.0/1.1 claims-aware Web agent. Web servers that function as a relying party application can host claims-aware applications.


AD FS 2.0 does not support Microsoft Windows NT® token–based applications. In some cases, applications that rely on Windows NT tokens can be reconfigured to use the claims-aware Web agent.