security token service (STS)

A service that brokers authentication between a web service and a client by validating the client’s credentials. After the STS validates the client’s credentials, it issues a security token to the client. When the client then requests direct communication with the web service, the web service validates the security token and establishes a security context for the client.