This document summarizes the claims authentication process in SharePoint 2010. A user requests access to a document but is denied by the system because they do not have an authentication token. An identity provider verifies the user's identity attributes with a secure token service and issues them a token. This token is then converted into a claims identity and user object that allows the user access to the requested document in SharePoint.