What defines the roles of IdP and SP in a Federated Identity model?

In a Federated Identity model, the IdP (Identity Provider) and SP (Service Provider) have distinct but complementary roles that enable seamless authentication and access across different systems. The IdP's primary function is to authenticate users, which involves verifying their identity through various means such as passwords, biometrics, or multi-factor authentication. Once authenticated, the IdP issues tokens or credentials that the user can use to access services provided by the SP.

On the other hand, the SP is responsible for delivering services or applications to the user. It trusts the assertions made by the IdP regarding the user's identity and privileges, allowing the user to access the resources or services without needing to log in again. This trusted relationship streamlines the user experience and enhances security by centralizing authentication at the IdP level.

In this context, the choice that identifies the IdP's role in authentication and the SP's role in service delivery appropriately captures the essence of how the federated identity system operates, making it the correct answer.