What are Security tokens? 

Within the context of IAM, security tokens are part of an IT method for granting access to users across domains. Trusted sources assign the tokens to trusted entities to allow them access to protected networks, systems, data, and applications.

What are Security tokens used for?

Security tokens are used to prove authentication of identities, and allow only authorized and trusted entities access to protected networks, systems, data, and applications. In a federated access system, tokens containing claims (or assertions) about users (which could be attributes such as groups memberships) are exchanged by Identity Providers (IdPs) to enable Single Sign On across federated applications (applications that have established trust). Tokens can be permanent or temporary to aid in the management of fine-grained access controls and other role-based acces.0000000s systems. Applications accept tokens containing user information assertion as proof that a user has been verified and use the claims/assertions information to determine authorization.