- WS-Federation 1.0/1.1/1.2
- SAML SSO (IdP and the Apache Tomcat 8, Spring and Apache CXF plugins only thus farall of the plugins apart from websphere from the 1.4.5 release)
- Support for SAML 1.1/2.0 tokens, encrypted SAML Tokens, Holder-Of-Key Subject Confirmation Method.
- Custom token Support
- Support to publish WS-Federation and SAML SSO Metadata documents
- Support for Tomcat, Jetty, Websphere, Spring Security and CXF plugins
- A new REST API for the IdP (1.2)
- Support for logout in both the RP and IdP (1.2)
- Support for logging on to the IdP via Kerberos and TLS client authentication (1.2)
- Support to use the IdP as an identity broker with a remote IdP. SAML SSO, Open Id Connect, Facebook and WS-Federation protocols supported.