An organization wants to provide unified sign-in across multiple partner groups that manage their own user directories. Which of the following methods best satisfies shared authentication across these distinct environments while avoiding separate credential stores?
Use a trust-based integration among each partner’s identity provider
Adopt a multi-device validation step before users connect to each environment
Create a local directory that consolidates all partner credentials into a single internal system
Require every remote user to register separate domain accounts within the host environment
Establishing a trust relationship among separate identity providers aligns with the concept of federation. It allows each partner to keep its user directories while still passing validated claims between them. Other options, such as merging all credentials into a single directory or issuing separate accounts, add complexity. Trust-based integration is designed for secure single sign-in without duplicating or storing credentials in multiple places.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a trust-based integration?
Open an interactive chat with Bash
What is federation in the context of identity management?