An application server receives a request for service from a wireless transmit/receive unit (WTRU) associated with a home network that includes a home subscriber server (HSS) and a bootstrapping server function (BSF) coupled via a Zh reference point. The application server authenticates the WTRU at least in part by (i) redirecting the WTRU to an identity provider co-located with a network application function (IDP/NAF) and coupled to the BSF via a Zn reference point and (ii) receiving an assertion from the WTRU that the IDP/NAF has authenticated the WTRU based on user security settings retrieved from the BSF by the IDP/NAF over the Zn reference point. After authenticating the WTRU, the application server (i) retrieves user-specific Sh-reference-point-type data from the HSS via the IDP/NAF over the Zn and Zh reference points and (ii) provides the service to the WTRU based on the retrieved user-specific Sh-reference-point-type data.