In case of federation claims can be mapped from one realm to another. Mapping can also include that some claim values are not relevant/desired for the target realm and thus should be omitted in the new token. However the org.apache.cxf.sts.claims.ClaimsManager enforces currently that all claim types contained in the request also must be included in the response by calling validateClaimValues(claims, targetClaims); at the end of the claim mapping. If some claim types have not been mapped to the new token, an exception is thrown. Therefore this check should be removed to allow mappings with different claim types in request and response.