This section describes a typical interaction with the Security Token Service.
The client sends an authentication request to the Security Token Service (Request Security Token - RST message).
The Security Token Service validates the client's credentials.
The Security Token Service issues a security token to the client (Request Security Token Response - RSTR message). The RSTR contains a security token, such as an XML Security Assertion Markup Language (SAML) token.
The client initializes and sends a request message, containing the token, to the Service.
The Service attempts to verify that the security token was issued by a trusted Security Token Service by checking the corresponding STS certificate. On success accepts it (essentially as equivalent to a "valid login"), and processes the request.
The service initializes and sends a response message to the client.
The Security Assertion Markup Language (SAML) tokens provide cross-platform interoperability and exchange security information between clients and services in different security domains. The receiver of the message with the token only needs to know the corresponding STS certificate in order to verify the token and able to use the authentication information from the token.