2.2.1.3 Federated Authentication Token

When the client indicates in the Login record that federated authentication<4> is to be used but that the intended client library needs additional information from the server to generate a federated authentication token, if the server supports federated authentication that uses that client library, the server responds with a token that the client uses to perform federated authentication. The client then generates and sends a tokenless Federated Authentication Token message that contains binary authentication data that is generated by the federated authentication library. For more details, see section 2.2.6.3.

After the server receives the Federated Authentication Token message from the client, the server notifies the client that it has either accepted or rejected the connection request. For more details, see section 3.3.5.