The Federation™ role uses a remote user account to connect to a remote Security Center system.
If your system is federated by another system, the remote user account that the Federation™ role accesses should have minimum privileges.
NOTE: The rights and privileges of the Federation™ user determine what the users on the Federation™ host can see and do on the federated system. The Federation™ user must have the application privilege Federation™. Any other access rights and privileges depend on what you want to let the Federation™ user do on your system. The Federation™ user should not be a member of the Administrators group, as it increases the security risks if ever the associated credentials are compromised. This could lead to a malicious user taking control of your system. Instead, you should only grant the privileges that the Federation™ host requires to perform their operations.