Abstract: Techniques for extending federation services to access desktop applications are herein described. In addition to the foregoing, other aspects are described in the claims, drawings, and text forming a part of the present disclosure.

Abstract: Creating a token for use by an entity when digitally signing documents. In a computing environment, a digital identity representation for an entity is accessed. The digital identity representation includes information identifying identity attributes about the entity and capabilities of an identity provider that provides tokens for use by the entity. Context information is accessed. The context information includes information about one or more of which, how or where the attributes for the entity identified in the digital identity representation will be used. A security token is created from the information in the digital identity representation and the context information. The security token makes assertions by the identity provider. The assertions are based on the information in the digital identity representation. The token further includes information related to at least a portion of the context information.

Abstract: A user interacts with a client containing personal identity information operable to identify the user to a relying party when the relying party is presented with claims comprising a portion of the personal identity information. The personal identity information includes one or more claims, metadata associated with the one or more claims, and backing data associated with the one or more claims. The user may initiate use of another client and seek to be identified by the relying party while interacting with the other client by first porting the personal identity information to the other client. Porting the personal identity information includes binding the personal identity information and sending the bound personal identity information to a receiving client.

Abstract: Techniques for extending federation services to access desktop applications are herein described. In addition to the foregoing, other aspects are described in the claims, drawings, and text forming a part of the present disclosure.

Abstract: Creating a token for use by an entity when digitally signing documents. In a computing environment, a digital identity representation for an entity is accessed. The digital identity representation includes information identifying identity attributes about the entity and capabilities of an identity provider that provides tokens for use by the entity. Context information is accessed. The context information includes information about one or more of which, how or where the attributes for the entity identified in the digital identity representation will be used. A security token is created from the information in the digital identity representation and the context information. The security token makes assertions by the identity provider. The assertions are based on the information in the digital identity representation. The token further includes information related to at least a portion of the context information.

Abstract: A system and method comprising a client-side manager component that manages access points (such as URLs) to distributed services for client applications. The client application hosts the client-side manager, and specifies criteria for a service. The manager component uses the criteria to query a service registry, such as a UDDI-based registry, and caches the returned list. To use a service, the client calls the manager component on a defined interface, and the manager component returns one of the cached access points. The cached access points may be returned based on an ordering, such as to distribute requests among services. If the service fails, the client calls a failure-related method of the manager component with failure details, and retrieves a new access point. The manager component reports the error to an error handling service, whereby the error information may be used in a quality of service statistic at the service registry.

Abstract: A user interacts with a client containing personal identity information operable to identify the user to a relying party when the relying party is presented with claims comprising a portion of the personal identity information. The personal identity information includes one or more claims, metadata associated with the one or more claims, and backing data associated with the one or more claims. The user may initiate use of another client and seek to be identified by the relying party while interacting with the other client by first porting the personal identity information to the other client. Porting the personal identity information includes binding the personal identity information and sending the bound personal identity information to a receiving client.