# Roles {% hint style="info" %} ***This page must be considered part of the iSHARE Framework*** *This page is considered normative and is therefore compliant with RFC 2119.* {% endhint %} One of the iSHARE Trust Framework's core features is its description of functional roles. These roles represent the different ways organisations can interact with each other. To ensure federation of all aspects, and no single points of ‘failure’ or ‘power’ in the structure, all roles are defined and can be executed by multiple parties. ### Role definition The principle of a role is that its execution can be done by the same legal entity, but the interface specification assures that an always level playing field/federation is possible. The Trust Framework introduces two core role types: "Adhering Parties" and "Certified Parties” **"Adhering parties"** directly engage with data and include: * [Entitled party](/entitled-party/getting-started.md): Organisations with rights to access specific services or data. * [Service Provider:](/service-provider-role/getting-started.md) Organisations offering services for consumption. * [Service Consumer](/service-consumer-role/getting-started.md): Organisations using services provided by service providers. **"Certified Parties"** are certified to facilitate trusted exchanges between Adhering Parties. They encompass these specific roles: * [Participant Registry (former name: iSHARE Satellite)](https://gitlab.com/ishare-foundation/cab/developer-portal/-/blob/main/ishare-participant-registry-role/getting-started.md): Organisations responsible for onboarding participants and trust assurance. * [Authorisation Registry](/authorisation-registry-role/getting-started.md): Organisations providing Authorisation registry services. * [Identity Provider](/identity-provider/getting-started.md): Organisations offering identification services for humans. * Identity Broker: Organisations serving as intermediaries between Service Providers and Identity Providers. ### Role identifiers In certain situations, a role identifier is used to identify the [role(s) of a participant](https://framework.ishare.eu/main-aspects-of-the-ishare-trust-framework/framework-and-roles). For this purpose, the Trust Framework specifies the following identifiers: | Role identifier | Role | | ------------------------------------------------------- | --------------------------------------------------- | | ServiceConsumer | Service Consumer | | ServiceProvider | Service Provider | | EntitledParty | Entitled Party | | AuthorisationRegistry | Authorisation Registry | | IdentityProvider | Identity Provider | | IdentityBroker | Identity Broker | | ParticipantRegistry (former identifier iShareSatellite) | Participant Registry (former name iSHARE Satellite) | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://dev.ishare.eu/roles/roles.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.