# Use SAML2 Identity Federation Connection
The Authing SAML2 identity federation connection can connect to external SAML2 identity providers, and supports identity authentication from external identity providers.
# Create SAML2 Identity Federation Connection
Create SAML2 Identity Federation Connection# Open SAML2 identity federation connection
In Console> Connect Identity Source> SAML2 Identity Federation, find the SAML2 connection you just created, and turn on the switch.
# Use SAML2 Identity Federation
In Control Panel> Applications> Application List, select any application and click "Experience".
On the login authentication page, you can see the SAML2 identity federation connection button just created, click it.
In the pop-up window, log in from the external SAML2 IdP:
After the login is successful, a successful prompt will pop up:
After that, it will call back to the callback address corresponding to the application, and carry the authorization code code and other information.
You can exchange the user's access_token and information through code. For details, please refer to Use code to exchange token.