The Active Directory Federation Services (AD FS) Proxy Protocol is used by a security token service (STS) proxy to obtain configuration data about an STS in order to assist users in selecting an acceptable security realm from which to obtain a security token. The protocol is also used by an STS to relay Microsoft Web Browser Federated Sign-On Protocol [MS-MWBF] requests back to an STS.
Sections 1.8, 2, and 3 of this specification are normative and can contain the terms MAY, SHOULD, MUST, MUST NOT, and SHOULD NOT as defined in RFC 2119. Sections 1.5 and 1.9 are also normative but cannot contain those terms. All other sections and examples in this specification are informative.