The Federation™ role uses a remote user account to connect to a remote Security Center system.
If another system federates your system, the remote user account that the Federation™ role
accesses should have minimum privileges.
NOTE: The rights and privileges of the Federation user
determine what the users on the Federation™ host can see and do on the federated system. The
Federation user must have the application privilege Federation™. Any other access
rights and privileges depend on what you want to let the Federation user do on your system.
The Federation user should not be a member of the Administrators group, as it increases the
security risks if ever the associated credentials are compromised. This could lead to a
malicious user taking control of your system. Instead, you should only grant the privileges
that the Federation host requires to perform their operations.