OIDC federations use a trust model where entities have unique IDs pointing to signed JSON entity statements describing them. A trust chain is established when two entities trust at least one common trust anchor. Entity statements are fetched and flattened into a single statement to determine authorization details like scopes and response types. Subordinates can specify more restrictive settings than superiors during flattening.