The Federated Internet Authentication Web Service Protocol defines the interaction between the server and standard Internet authentication protocols. The server uses this protocol to call external Web services to obtain security tokens that are then used by other Web service protocols to authenticate a transaction.
Sections 1.8, 2, and 3 of this specification are normative and can contain the terms MAY, SHOULD, MUST, MUST NOT, and SHOULD NOT as defined in RFC 2119. Sections 1.5 and 1.9 are also normative but cannot contain those terms. All other sections and examples in this specification are informative.