In federated identity management, the identity provider (IdP) is responsible for authenticating users and making assertions about their identity to the relying party (which could be a service or application that trusts the IdP). The IdP and the relying party establish a trust relationship in advance, which allows the IdP to assert that a user is authenticated, often in the form of security tokens or assertions like SAML or OpenID Connect.

The IdP that authenticates users and makes assertions, not the relying party. The relying party does not make assertions to the IdP; the relying party relies on assertions made by the IdP. The IdP and relying party do have a direct trust relationship in federated identity management.