Federation allows a user to associate two accounts with each other. This allows the user to log into one account and access the resources of the other account without logging in to the second account. It is one method to provide single sign-on when a user has accounts in multiple user stores.
You can set up two types of federation:
Persistent: Permanent federation among accounts. Set up this federation when you want a user account at the service provider to be associated with a user account at the identity provider after authentication.
Transient: Temporary federation among accounts. Federation expires with the session.
For more information, see Setting Up Federation
in the NetIQ Access Manager 3.2 SP3 Setup Guide.