[{"data":1,"prerenderedAt":690},["ShallowReactive",2],{"navigation":3,"/blog/federated-identity-explained":102,"/blog/federated-identity-explained-surround":685},[4],{"title":5,"path":6,"stem":7,"children":8,"page":101},"Blog","/blog","blog",[9,13,17,21,25,29,33,37,41,45,49,53,57,61,65,69,73,77,81,85,89,93,97],{"title":10,"path":11,"stem":12},"The difference between authentication and authorization","/blog/auth-vs-authz","blog/auth-vs-authz",{"title":14,"path":15,"stem":16},"Best of Breed vs. Monolithic Systems","/blog/best-of-breed-vs-monolithic-systems-finding-the-best-software-solution-philosophy","blog/best-of-breed-vs-monolithic-systems-finding-the-best-software-solution-philosophy",{"title":18,"path":19,"stem":20},"How Sports Organizations Use CIAM to Manage Digital Identity","/blog/ciam-sports-organizations","blog/ciam-sports-organizations",{"title":22,"path":23,"stem":24},"What Is Federated Identity and How Does It Work?","/blog/federated-identity-explained","blog/federated-identity-explained",{"title":26,"path":27,"stem":28},"How companies increase digital sales with Unidy","/blog/how-companies-increase-digital-sales-with-unidy","blog/how-companies-increase-digital-sales-with-unidy",{"title":30,"path":31,"stem":32},"HSV.ID: How Hamburger SV Built 500,000+ Activatable Fan Profiles with Centralized Identity","/blog/hsv-fanprofile-unidy-success","blog/hsv-fanprofile-unidy-success",{"title":34,"path":35,"stem":36},"The Essential Guide to Login Page Conversion Optimization","/blog/login-page-conversion-optimization","blog/login-page-conversion-optimization",{"title":38,"path":39,"stem":40},"Top Membership Management Software Solutions: 2026 Comparison Guide","/blog/membership-management-software","blog/membership-management-software",{"title":42,"path":43,"stem":44},"Newsletter Subscription Management Best Practices","/blog/newsletter-subscription-management","blog/newsletter-subscription-management",{"title":46,"path":47,"stem":48},"Passkey Authentication for Sports Clubs: 5 Steps to Get Started","/blog/passkey-authentication-sports-clubs","blog/passkey-authentication-sports-clubs",{"title":50,"path":51,"stem":52},"The rise of Passkeys as the next generation authentication method","/blog/passkeys-authentication","blog/passkeys-authentication",{"title":54,"path":55,"stem":56},"Passwordless Authentication Benefits: 7 Reasons to Make the Switch in 2026","/blog/passwordless-authentication-benefits","blog/passwordless-authentication-benefits",{"title":58,"path":59,"stem":60},"SAML vs. OIDC: What is the Best Approach for Your Business?","/blog/saml-vs-oidc","blog/saml-vs-oidc",{"title":62,"path":63,"stem":64},"SCIM: How Automated User Provisioning Transforms Customer Identity Management","/blog/scim-identity-management","blog/scim-identity-management",{"title":66,"path":67,"stem":68},"The Social Media Monetization Gap: Why Sports Clubs with Millions of Followers Own Almost No Fan Data","/blog/social-media-monetization-gap","blog/social-media-monetization-gap",{"title":70,"path":71,"stem":72},"The End of Third-Party Cookies","/blog/the-end-of-third-party-cookies","blog/the-end-of-third-party-cookies",{"title":74,"path":75,"stem":76},"Unidy and Data Talks Partner to Transform Zero-Party Data Management","/blog/unidy-data-talks-partnership-zero-party-data","blog/unidy-data-talks-partnership-zero-party-data",{"title":78,"path":79,"stem":80},"Proven User Onboarding Best Practices for Growth","/blog/user-onboarding-best-practices","blog/user-onboarding-best-practices",{"title":82,"path":83,"stem":84},"What is a Single-Sign-On and why is it important?","/blog/what-is-a-sso-and-why-is-it-important","blog/what-is-a-sso-and-why-is-it-important",{"title":86,"path":87,"stem":88},"What is a White Label Solution and why is it beneficial?","/blog/what-is-a-white-label-solution-and-why-is-it-beneficial","blog/what-is-a-white-label-solution-and-why-is-it-beneficial",{"title":90,"path":91,"stem":92},"What is our multibrand feature?","/blog/what-is-our-multibrand-feature","blog/what-is-our-multibrand-feature",{"title":94,"path":95,"stem":96},"Where we come from and where we want to go","/blog/where-we-come-from-and-where-we-want-to-go","blog/where-we-come-from-and-where-we-want-to-go",{"title":98,"path":99,"stem":100},"White-Label Identity Management: The Complete Guide","/blog/white-label-identity-management","blog/white-label-identity-management",false,{"id":103,"title":22,"authors":104,"badge":109,"body":111,"date":676,"description":117,"extension":677,"image":678,"meta":680,"navigation":681,"path":23,"seo":682,"stem":24,"tags":683,"__hash__":684},"posts_en/blog/federated-identity-explained.md",[105],{"name":106,"avatar":107},"Unidy Team",{"src":108},"/images/blog/bm.png",{"label":110},"Technology",{"type":112,"value":113,"toc":629},"minimark",[114,118,121,126,129,132,155,159,162,167,170,173,177,180,183,187,190,208,211,215,224,228,236,240,248,252,258,323,327,330,337,340,354,358,361,365,368,372,380,383,386,390,393,397,410,434,438,441,444,448,451,455,458,462,470,474,477,481,489,493,496,526,530,533,537,540,544,547,551,554,558,561,565,568,571,575,583,591,597,601,605,608,612,615,619,622,626],[115,116,117],"p",{},"Federated identity is a system that links a user's digital identity across multiple separate organizations, allowing them to log in once and access various applications without re-authenticating at each one. When you click \"Sign in with Google\" on a third-party website, you're using federated identity—Google confirms who you are so the other site doesn't have to manage your credentials.",[115,119,120],{},"This approach has become the foundation for how modern organizations connect users to services across organizational boundaries. Below, we'll walk through how federated authentication actually works, compare the key protocols like SAML and OpenID Connect, and explore practical implementation considerations for building a unified identity layer.",[122,123,125],"h2",{"id":124},"what-is-federated-identity","What is federated identity",[115,127,128],{},"Federated identity is a system that links a user's digital identity across multiple separate organizations or security domains. It allows users to log in once with a single set of credentials and then access various applications and services without re-authenticating at each one. You've likely used federated identity already—when you click \"Sign in with Google\" on a third-party website, Google confirms your identity to that site so you don't have to create a new account.",[115,130,131],{},"The system works through a trust relationship between two key players. An Identity Provider (IdP) is the system that actually verifies who you are and stores your credentials. A Service Provider (SP) is the application you're trying to access, and it trusts the IdP to confirm your identity. Standard protocols like SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC) handle the secure exchange of identity information between them.",[133,134,135,143,149],"ul",{},[136,137,138,142],"li",{},[139,140,141],"strong",{},"Identity Provider (IdP):"," The trusted system that authenticates users. Google, Microsoft, or a corporate directory can all serve as IdPs.",[136,144,145,148],{},[139,146,147],{},"Service Provider (SP):"," The application relying on the IdP to verify identity. This could be a SaaS tool, e-commerce site, or mobile app.",[136,150,151,154],{},[139,152,153],{},"Trust relationship:"," A formal agreement defining what identity information gets shared and how it stays secure.",[122,156,158],{"id":157},"how-does-federated-authentication-work","How does federated authentication work",[115,160,161],{},"The federated authentication process follows a predictable sequence that keeps your credentials secure while giving you seamless access across systems.",[163,164,166],"h3",{"id":165},"the-role-of-identity-providers-and-service-providers","The role of identity providers and service providers",[115,168,169],{},"An Identity Provider handles the actual verification of who you are. It stores your credentials, enforces security policies like multi-factor authentication (MFA), and issues assertions confirming your identity. The Service Provider, meanwhile, never sees your password. It simply trusts the IdP's confirmation that you are who you claim to be.",[115,171,172],{},"This separation is what makes federation powerful. Your credentials stay in one secure location rather than being scattered across dozens of different services.",[163,174,176],{"id":175},"trust-relationships-and-token-exchange","Trust relationships and token exchange",[115,178,179],{},"Before federation can work, the IdP and SP establish a trust relationship. This typically involves exchanging cryptographic certificates and agreeing on what user attributes will be shared—perhaps just an email address, or perhaps additional details like group memberships.",[115,181,182],{},"When you authenticate, the IdP creates a signed token or assertion containing your identity information. The SP validates this signature to confirm the assertion genuinely came from the trusted IdP and hasn't been tampered with.",[163,184,186],{"id":185},"the-step-by-step-authentication-flow","The step-by-step authentication flow",[115,188,189],{},"Here's what happens when you access a federated service:",[191,192,193,196,199,202,205],"ol",{},[136,194,195],{},"You attempt to access an application (the Service Provider)",[136,197,198],{},"The application redirects you to your trusted Identity Provider",[136,200,201],{},"You authenticate with the IdP using your credentials",[136,203,204],{},"The IdP generates a signed assertion confirming your identity",[136,206,207],{},"The SP validates the assertion and grants you access",[115,209,210],{},"The entire process typically takes just seconds, and you never share your password with the Service Provider.",[122,212,214],{"id":213},"key-protocols-and-technologies-for-identity-federation","Key protocols and technologies for identity federation",[115,216,217,218,223],{},"Several standard protocols enable secure federation. Each has its strengths, and the right ",[219,220,222],"a",{"href":221},"https://www.unidy.io/blog/saml-vs-oidc","choice between SAML and OIDC"," depends on your use case.",[163,225,227],{"id":226},"saml","SAML",[115,229,230,231,235],{},"Security Assertion Markup Language, or ",[219,232,234],{"href":233},"https://docs.unidy.io/technical-documentation/43Yox8946664zbsR6p9VyD/authenticate-via-saml-20/43Yox89467hmRd8L9XKtGv","SAML 2.0",", is an XML-based protocol that has been the enterprise standard for over two decades. It's particularly common for browser-based Single Sign-On (SSO) in workforce scenarios, such as connecting employees to cloud applications through a corporate identity system. SAML assertions are verbose but highly expressive, capable of carrying detailed attribute information about users.",[163,237,239],{"id":238},"oauth-20","OAuth 2.0",[115,241,242,243,247],{},"OAuth 2.0 is technically an ",[219,244,246],{"href":245},"https://www.unidy.io/blog/auth-vs-authz","authorization framework rather than an authentication"," protocol. It allows third-party applications to access resources on behalf of users—for example, letting a calendar app read your email to find meeting invitations. While OAuth handles the \"what can this app do\" question, it wasn't designed to answer \"who is this user.\" That's where OpenID Connect comes in.",[163,249,251],{"id":250},"openid-connect","OpenID Connect",[115,253,254,257],{},[219,255,251],{"href":256},"https://docs.unidy.io/technical-documentation/43Yox8946664zbsR6p9VyD/authenticate-via-oidc/43Yox89468eLDz65pzaFfW"," (OIDC) builds an authentication layer on top of OAuth 2.0. It adds identity verification to the authorization process and returns user information in JSON Web Tokens (JWT), which are compact and easy for modern web and mobile applications to process. OIDC has become the dominant choice for consumer-facing applications and newer enterprise deployments.",[259,260,261,280],"table",{},[262,263,264],"thead",{},[265,266,267,271,274,277],"tr",{},[268,269,270],"th",{},"Protocol",[268,272,273],{},"Primary use",[268,275,276],{},"Token format",[268,278,279],{},"Best for",[281,282,283,297,310],"tbody",{},[265,284,285,288,291,294],{},[286,287,234],"td",{},[286,289,290],{},"Authentication and authorization",[286,292,293],{},"XML assertions",[286,295,296],{},"Enterprise workforce federation",[265,298,299,301,304,307],{},[286,300,239],{},[286,302,303],{},"Authorization",[286,305,306],{},"Access tokens",[286,308,309],{},"API access and delegated permissions",[265,311,312,314,317,320],{},[286,313,251],{},[286,315,316],{},"Authentication",[286,318,319],{},"JSON Web Tokens (JWT)",[286,321,322],{},"Consumer apps and modern web/mobile",[122,324,326],{"id":325},"federated-identity-vs-single-sign-on","Federated identity vs Single Sign-On",[115,328,329],{},"You'll often hear SSO and federated identity used interchangeably, but they're not quite the same thing.",[115,331,332,336],{},[219,333,335],{"href":334},"https://www.unidy.io/blog/what-is-a-sso-and-why-is-it-important","Single Sign-On (SSO)"," typically refers to using one login for multiple applications within the same organization or security domain. You sign in once to your company's identity system and gain access to email, HR tools, and project management software without logging in again.",[115,338,339],{},"Federated identity extends this concept across organizational boundaries. When a sports club's members can use their club credentials to access partner services, ticketing platforms, and merchandise stores run by different organizations, that's federation in action. When SSO crosses organizational boundaries, it's sometimes called \"federated SSO\"—which is where the terminology overlap comes from.",[133,341,342,348],{},[136,343,344,347],{},[139,345,346],{},"SSO:"," One login for multiple apps within the same organization",[136,349,350,353],{},[139,351,352],{},"Federated identity:"," One login for apps across multiple independent organizations",[122,355,357],{"id":356},"examples-of-federated-identity-in-practice","Examples of federated identity in practice",[115,359,360],{},"Abstract concepts become clearer with concrete examples. Here's how federation appears in different contexts.",[163,362,364],{"id":363},"social-login","Social login",[115,366,367],{},"When you click \"Sign in with Google\" or \"Continue with Apple\" on a website, you're using consumer-facing federation. The social platform acts as the IdP, and the third-party site is the SP. You get quick access without creating yet another account, and the website gets a verified email address without handling password storage.",[163,369,371],{"id":370},"customer-identity-across-multiple-brands","Customer identity across multiple brands",[115,373,374,375,379],{},"Media companies, sports organizations, and membership platforms often operate multiple digital properties. Federation allows a ",[219,376,378],{"href":377},"https://www.unidy.io/blog/what-is-our-multibrand-feature","single user account"," to work across all of them—the main website, mobile apps, streaming services, and e-commerce stores. This creates unified customer profiles that span every touchpoint.",[163,381,296],{"id":382},"enterprise-workforce-federation",[115,384,385],{},"Organizations commonly federate their corporate directory (like Microsoft Active Directory) with cloud services. Employees use their work credentials to access Salesforce, Slack, or dozens of other SaaS applications. IT teams maintain central control over access, and when someone leaves the company, disabling their IdP account immediately revokes access everywhere.",[122,387,389],{"id":388},"is-federated-identity-secure","Is federated identity secure",[115,391,392],{},"Security is often the first concern when considering federation. When implemented properly, federation typically improves security rather than weakening it.",[163,394,396],{"id":395},"security-benefits-of-federated-access","Security benefits of federated access",[115,398,399,400,404,405,409],{},"Centralizing authentication at a trusted IdP reduces the overall attack surface. Users don't create new passwords for each service, which reduces the ",[219,401,403],{"href":402},"https://www.brightdefense.com/resources/password-statistics/","94% of passwords that are reused"," across accounts. The IdP can enforce strong authentication policies—like MFA or ",[219,406,408],{"href":407},"https://www.unidy.io/blog/passwordless-authentication-benefits","passwordless authentication","—across all connected services.",[133,411,412,422,428],{},[136,413,414,417,418],{},[139,415,416],{},"Reduced credential exposure:"," Users authenticate only with the IdP, not with each individual service—mitigating credential-based breaches that ",[219,419,421],{"href":420},"https://spycloud.com/blog/6-takeaways-from-ibm-data-breach-report-2025/","cost $4.67 million per incident",[136,423,424,427],{},[139,425,426],{},"Centralized security policies:"," The IdP enforces consistent authentication standards",[136,429,430,433],{},[139,431,432],{},"Faster deprovisioning:"," Revoking IdP access immediately cuts off all federated services",[163,435,437],{"id":436},"potential-risks-and-mitigation-strategies","Potential risks and mitigation strategies",[115,439,440],{},"The primary risk is that a compromised IdP could affect all connected services. This makes IdP security critical. Organizations mitigate this risk through strong IdP security measures, continuous monitoring for suspicious activity, and limiting token lifetimes so that stolen tokens expire quickly.",[115,442,443],{},"Federation also requires careful attention to what attributes are shared. Sharing only the minimum necessary information follows the principle of least privilege and reduces privacy risks.",[122,445,447],{"id":446},"benefits-of-federated-identity-and-access-management","Benefits of federated identity and access management",[115,449,450],{},"Beyond security, federation delivers tangible business value across several areas.",[163,452,454],{"id":453},"improved-user-experience-and-higher-conversions","Improved user experience and higher conversions",[115,456,457],{},"Every additional login screen is a potential drop-off point. Federation eliminates friction by letting users access services with credentials they already have. For customer-facing applications, this translates directly to better engagement and higher conversion rates.",[163,459,461],{"id":460},"reduced-it-costs-and-complexity","Reduced IT costs and complexity",[115,463,464,465,469],{},"Building and maintaining separate authentication systems for each service is expensive. Federation allows organizations to invest in one robust identity infrastructure that serves all connected applications. Password reset requests—representing ",[219,466,468],{"href":467},"https://specopssoft.com/blog/save-money-self-service-password-resets/","40% of all help desk calls","—decrease when users have fewer credentials to manage.",[163,471,473],{"id":472},"centralized-identity-management-and-data-synchronization","Centralized identity management and data synchronization",[115,475,476],{},"With federation, user identity data lives in one authoritative source. Changes propagate automatically to connected systems, keeping profiles synchronized. This foundation enables building comprehensive 360° customer profiles that aggregate interactions across all touchpoints.",[163,478,480],{"id":479},"enhanced-compliance-and-first-party-data-control","Enhanced compliance and first-party data control",[115,482,483,484,488],{},"Owning your identity layer means collecting zero-party and ",[219,485,487],{"href":486},"https://www.unidy.io/blog/the-end-of-third-party-cookies","first-party data"," independently of big tech platforms. Centralized consent management becomes possible when all user interactions flow through a single identity system, supporting compliance with regulations like GDPR.",[122,490,492],{"id":491},"common-misconceptions-about-federated-identity","Common misconceptions about federated identity",[115,494,495],{},"Several misunderstandings persist about what federation means in practice.",[133,497,498,509,515],{},[136,499,500,503,504,508],{},[139,501,502],{},"\"Federation means giving up control\":"," Organizations can ",[219,505,507],{"href":506},"https://www.unidy.io/blog/white-label-identity-management","run their own IdP"," and maintain complete control over user data, authentication policies, and what information is shared with each SP.",[136,510,511,514],{},[139,512,513],{},"\"It's only for enterprises\":"," Consumer-facing businesses increasingly use federation for customer identity across apps, stores, and content platforms. Social login is federation.",[136,516,517,520,521,525],{},[139,518,519],{},"\"It requires replacing existing systems\":"," Federation integrates with ",[219,522,524],{"href":523},"https://www.unidy.io/integrations","existing CRMs, CDPs, and marketing tools"," through standard protocols. It connects systems rather than replacing them.",[122,527,529],{"id":528},"best-practices-for-implementing-identity-federation","Best practices for implementing identity federation",[115,531,532],{},"For organizations considering federation, following established practices helps ensure successful implementation.",[163,534,536],{"id":535},"_1-define-clear-trust-policies-across-providers","1. Define clear trust policies across providers",[115,538,539],{},"Document which IdPs your services will trust and what identity attributes will be shared. Establish formal agreements that specify security requirements, data handling practices, and incident response procedures.",[163,541,543],{"id":542},"_2-use-standards-based-protocols-like-saml-and-openid-connect","2. Use standards-based protocols like SAML and OpenID Connect",[115,545,546],{},"Proprietary solutions create vendor lock-in and interoperability challenges. Standards-based protocols ensure you can connect with partners, integrate new services, and switch vendors if needed.",[163,548,550],{"id":549},"_3-plan-for-user-migration-and-profile-aggregation","3. Plan for user migration and profile aggregation",[115,552,553],{},"If you're consolidating existing user databases, create a clear migration strategy. User matching—linking accounts that belong to the same person across different systems—requires careful planning to avoid duplicate profiles or lost data.",[163,555,557],{"id":556},"_4-integrate-consent-management-from-the-start","4. Integrate consent management from the start",[115,559,560],{},"Build transparent consent collection directly into login and registration flows. Users gain control over what data is shared with which services, and you maintain clear records for compliance purposes.",[122,562,564],{"id":563},"how-federated-identity-enables-central-user-profiles","How federated identity enables central user profiles",[115,566,567],{},"Federation creates a natural foundation for unified customer profiles. When users authenticate through a central IdP, their interactions across all connected services link to that single identity.",[115,569,570],{},"This enables aggregating data from CRMs, e-commerce platforms, mobile apps, and marketing tools into actionable profiles. The result: better personalization, more precise segmentation, and the ability to run ID-based campaigns across channels. Without federation, user data remains siloed in disconnected systems, making it difficult to understand the complete customer journey.",[122,572,574],{"id":573},"building-a-unified-identity-layer-for-digital-growth","Building a unified identity layer for digital growth",[115,576,577,578,582],{},"Federated identity is foundational infrastructure for digital-first organizations. A ",[219,579,581],{"href":580},"https://www.unidy.io/solution","central identity layer"," breaks down data silos, improves user experience through single login, and enables new revenue opportunities like premium memberships and partner integrations.",[115,584,585,586,590],{},"Organizations that own their identity infrastructure gain independence from big tech platforms while maintaining compliance and growing valuable first-party data assets. Whether you're a media brand, sports organization, or membership-based business, federation provides the connective tissue that links your digital ecosystem together. If you're ready to build your unified identity layer, ",[219,587,589],{"href":588},"https://www.unidy.io/lp/contact","get in touch"," with our team.",[115,592,593],{},[219,594,596],{"href":595},"https://www.unidy.io/blog/","Read more",[122,598,600],{"id":599},"frequently-asked-questions-about-federated-identity","Frequently asked questions about federated identity",[163,602,604],{"id":603},"what-is-the-difference-between-an-identity-provider-and-iam","What is the difference between an identity provider and IAM?",[115,606,607],{},"An Identity Provider (IdP) is the component that authenticates users and issues identity assertions. Identity and Access Management (IAM) is a broader framework encompassing the IdP along with user provisioning, access policies, governance, and lifecycle management across all systems.",[163,609,611],{"id":610},"can-federated-identity-integrate-with-legacy-systems","Can federated identity integrate with legacy systems?",[115,613,614],{},"Yes, federation solutions using standard protocols like SAML or OpenID Connect can connect to legacy systems through adapters, APIs, or identity bridges that translate between modern and older protocols.",[163,616,618],{"id":617},"how-does-federated-identity-affect-user-privacy","How does federated identity affect user privacy?",[115,620,621],{},"Federation can enhance privacy by minimizing credential storage across services. However, organizations implementing federation benefit from transparent consent management so users control what data is shared with each Service Provider.",[163,623,625],{"id":624},"what-is-the-difference-between-workforce-and-customer-identity-federation","What is the difference between workforce and customer identity federation?",[115,627,628],{},"Workforce federation connects employees to enterprise applications using corporate credentials. Customer identity federation (CIAM) links consumer identities across customer-facing services like websites, apps, and membership platforms, often with different requirements around self-service registration and consent.",{"title":630,"searchDepth":631,"depth":631,"links":632},"",2,[633,634,640,645,646,651,655,661,662,668,669,670],{"id":124,"depth":631,"text":125},{"id":157,"depth":631,"text":158,"children":635},[636,638,639],{"id":165,"depth":637,"text":166},3,{"id":175,"depth":637,"text":176},{"id":185,"depth":637,"text":186},{"id":213,"depth":631,"text":214,"children":641},[642,643,644],{"id":226,"depth":637,"text":227},{"id":238,"depth":637,"text":239},{"id":250,"depth":637,"text":251},{"id":325,"depth":631,"text":326},{"id":356,"depth":631,"text":357,"children":647},[648,649,650],{"id":363,"depth":637,"text":364},{"id":370,"depth":637,"text":371},{"id":382,"depth":637,"text":296},{"id":388,"depth":631,"text":389,"children":652},[653,654],{"id":395,"depth":637,"text":396},{"id":436,"depth":637,"text":437},{"id":446,"depth":631,"text":447,"children":656},[657,658,659,660],{"id":453,"depth":637,"text":454},{"id":460,"depth":637,"text":461},{"id":472,"depth":637,"text":473},{"id":479,"depth":637,"text":480},{"id":491,"depth":631,"text":492},{"id":528,"depth":631,"text":529,"children":663},[664,665,666,667],{"id":535,"depth":637,"text":536},{"id":542,"depth":637,"text":543},{"id":549,"depth":637,"text":550},{"id":556,"depth":637,"text":557},{"id":563,"depth":631,"text":564},{"id":573,"depth":631,"text":574},{"id":599,"depth":631,"text":600,"children":671},[672,673,674,675],{"id":603,"depth":637,"text":604},{"id":610,"depth":637,"text":611},{"id":617,"depth":637,"text":618},{"id":624,"depth":637,"text":625},"2026-04-19T00:00:00.000Z","md",{"src":679},"/images/blog/federated-identity-explained.webp",{},true,{"title":22,"description":117},"federated identity, single sign-on, identity management","O5o5urAnyL30Regmgt96_ZdrQEpIlj__wqdDjR4ScXY",[686,688],{"title":18,"path":19,"stem":20,"description":687,"children":-1},"A fan buys a season ticket, downloads the club app, and orders a jersey online—yet the club sees three strangers instead of one loyal supporter. This fragmentation costs sports organizations revenue, personalization opportunities, and the unified fan relationships that drive long-term growth.",{"title":26,"path":27,"stem":28,"description":689,"children":-1},"Collect - Increasing number of user profiles / Connect - Increase data fields and opt-ins per user / Convert - Increase revenue per user",1776698509077]