In a federated identity arrangement, who acts as the identity provider?

In a federated identity arrangement, the identity provider is the entity that enables users from different organizations to authenticate and gain access to services across those organizations without needing separate credentials for each one. This entity is responsible for managing user identities, credentials, and policies related to authentication.

A contracted third party typically assumes the role of the identity provider in these arrangements. This third party is often an external service that provides identity solutions, such as single sign-on (SSO) capabilities, making it easier for users to interact with multiple systems while maintaining security and reducing password fatigue.

The other choices do not accurately capture the role of an identity provider in a federated identity model. Each member organization usually relies on the identity provider to handle authentication and does not act independently in this function. A trusted third party is too vague, as it does not specify that this third party is typically contracted specifically for the identity provision service. Users of the organizations do not fulfill the identity provider role; rather, they are the recipients of the service provided by the identity provider.