The Path Forward for Self-Certification

The increasing adoption of OpenID Connect deployments has required the OpenID Foundation to develop new certification models that support the practical business, legal and technical realities of today’s Internet scale deployments. Throughout 2015, the pilot phase of OpenID Connect self-certification has been testing the efficiencies, cost effectiveness and trustworthiness of […]


Introducing RISC: Working together to protect users

According to a recent Gallup poll, more people are worried about their online accounts being hacked than having their home broken into.With more and more of our digital lives accessible online, attackers are redoubling efforts to steal our personal information, and increasingly exploiting the interconnectedness of web services and apps […]


Certification pilot expanded to all OIDF members

The OpenID Foundation has opened the OpenID Certification pilot phase to all OpenID members, as the Board previously announced we would do in May. This enables individual and non-profit members to also self-certify OpenID Connect implementations. The OpenID Board has not yet finalized beta pricing to cover the costs of […]


Certification Accomplishments and Next Steps

I’d like to take a moment and congratulate the OpenID Foundation members who made the successful OpenID Certification launch happen. By the numbers, six organizations were granted 21 certifications covering all five defined conformance profiles. See Mike Jones’ note Perspectives on the OpenID Connect Certification Launch for reflections on what […]


Final OAuth 2.0 Form Post Response Mode Specification Approved

The OAuth 2.0 Form Post Response Mode specification has been approved as a Final Specification by a vote of the OpenID Foundation members. A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This specification defines how to return OAuth 2.0 […]


The OpenID Foundation Launches OpenID Connect Certification Program

Google, Microsoft, Ping Identity, ForgeRock, Nomura Research Institute, and PayPal OpenID Connect Deployments First to Self-Certify Conformance RSA Conference 2015, San Francisco, CA – April 22, 2015 – Today the OpenID® Foundation introduced OpenID Connect Certification – a program that enables organizations to certify that their OpenID Connect implementations conform […]


Final OpenID 2.0 to OpenID Connect Migration Specification Approved

The OpenID 2.0 to OpenID Connect Migration specification has been approved as a Final Specification by a vote of the OpenID Foundation members. A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This specification defines how to migrate from OpenID […]


Vote to approve final OAuth 2.0 Form Post Response Mode specification

The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification: OAuth 2.0 Form Post Response Mode 1.0 – Defines how to return OAuth 2.0 Authorization Response parameters (including OpenID Connect Authentication Response parameters) using HTML form values that are auto-submitted by the User Agent […]


Review of proposed final OAuth 2.0 Form Post Response Mode specification

The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification: OAuth 2.0 Form Post Response Mode 1.0 – Defines how to return OAuth 2.0 Authorization Response parameters (including OpenID Connect Authentication Response parameters) using HTML form values that are auto-submitted by the User Agent […]