IDP Type defines the configuration for an Identity Provider. The root configuration for an Identity Provider(IDP) using picketlink Identity. Aspects involved in trust decisions such as the domains that the IDP or the Service Provider trusts. Comma Separated domain names such as localhost,picketlink.com,picketlink.org Source of the Signing and Validating Key Key Value Pairs Needed to authenticate into the provider. Key Value pairs identifying domains against the alias for validating key An alias that identifies the signing key Base Type for IDP and SP Service Provider Type The claims processors specify the classes that are capable of processing specific claims dialects. The token providers specify the classes that handle the requests for each type of security Token. For example, a SAMLTokenProvider may be used to generate SAML token, while a X509TokenProvider may be used to generate X.509 tokens (certificates). The service providers specify the token type expected by each service provider. The service provider type contains information about a specific service provider. In particular, it specifies the type of the token that must be issued for the provider and the alias of the provider's PKC in the truststore. This is used by the STS to locate the PKC when encrypting the generated token.