RequestedSecurityToken
RequestedSecurityToken is an element used in the WS-Trust security framework to convey the actual issued token from a Security Token Service (STS) to a requester. It appears within a RequestSecurityTokenResponse (RSTR) message and serves as the container for the token that the client is entitled to use for accessing a protected resource.
In a typical interaction, a client sends a RequestSecurityToken (RST) to an STS to obtain a token.
Structure and semantics are defined by the WS-Trust specification. The RequestedSecurityToken element directly contains the token
Security considerations include protecting the token against eavesdropping and tampering, typically through transport-layer security (such as
See also: WS-Trust, RequestSecurityToken, RequestSecurityTokenResponse, Security Token Service, SAML.