A client is added to an OAuth federation as a partner. It neither is a Service Provider or an Identity Provider.
Creating a partner in an OAuth federation is the same as registering a client to an OAuth server or authorization server. An OAuth server or authorization server can have more than one client. Consequently, an OAuth federation can have more than one partner.
An OAuth federation can communicate with OAuth clients that are either managed in Tivoli® Federated Identity Manager, or from an external client provider.
The OAuth federation generates a unique set of client credentials, during each partner creation. The client key and client secret are examples of the set of client credentials the OAuth federation generates. Clients use these credentials to identify themselves to an OAuth server or authorization server when requesting access to a protected resource.