Authentication capabilities in applications should be simple and safe by default. Designing customized authentication systems takes a long time and is a specialized endeavor. The users of these applications want to explore an app's functionality without spending too much time creating user accounts. It is our main goal to minimize the friction associated with this processes as much as possible.

Newer users feel comfortable using their existing credentials and use them in multiple authentication facades. This practice is called federation (the word federation originates from the latin foederatio, which means union). These credentials that are external to our systems can be used to produce security assertions in the form of tokens. The representations of the original credentials can be used to assume an identity or to gain temporary access to a private resource.