The Federation™ role uses a remote user account to connect to a remote Security Center system.
If your system is federated by another system, the remote user account that the Federation™ role accesses should have minimum privileges.
NOTE: The
rights and privileges of the Federation™ user determine
what the users on the Federation™ host can see and do on
the federated system. The Federation™ user must have the
application privilege Federation™. Any other access
rights and privileges depend on what you want to let the Federation™ user do on your system. The Federation™ user should not be a member of the Administrators
group, as it increases the security risks if ever the associated credentials are
compromised. This could lead to a malicious user taking control of your system. Instead, you
should only grant the privileges that the Federation™ host
requires to perform their operations.