This page has moved

Federation content has been split to match the two audiences it serves:

• Human users from an external IdP (Okta, Azure AD, ADFS, Google Workspace): Enterprise SSO and the SAML 2.0 API
• AI agents and workloads running in cloud infrastructure (K8s, AWS, GCP): Workload Federation
• OAuth token exchange (RFC 8693) between identity domains: Chain of Agency