The document discusses the evolution of federated identity protocols over the past 10+ years. While OAuth 2.0 is now widely adopted for federating web identities, the document argues that federation protocols alone are not sufficient. It suggests that applications also need ways to: 1) scope trust with federated identity providers, 2) provision access for federated identities, and 3) enable collaboration across federated identities. The document calls on the audience to build on existing work and find standards-based solutions to make these capabilities easier.