IBM’s Tivoli Federated Identity Manager (TFIM) product includes a Security Token Service (STS) that can be used to validate, transform and issue security tokens that represent identities in a Service Oriented Architecture (SOA). The OASIS Web Services Secure Exchange (WS-SX) Technical Committee maintains the WS-Trust standard, which defines the interface to an STS. Microsoft Windows Communication Foundation (WCF) is a standards-based Web services stack that is part of the Microsoft .NET Framework. WCF can integrate with a Security Token Service.
As part of a recent customer project, I've led an effort to get WCF playing nicely with TFIM's STS in some well-defined scenarios. I've documented the resulting interoperability profile for all to enjoy. The scenario is shown in the diagram below.