Tag Archives : OpenID Connect


OpenID Connect Federation draft 04

The OpenID Connect Federation specification has been updated to incorporate the following changes: Changed client metadata names scopes to rp_scopes and claims to rp_claims. Added Open Issues appendix. Added additional references. Editorial improvements. Added standard Notices section, which is present in all OpenID specifications. The specification is available at http://openid.net/specs/openid-connect-federation-1_0-04.html. […]


Relying Party OpenID Certification Entering Production Phase   Recently updated !

The OpenID Certification program for OpenID Connect Relying Parties has reached a level of maturity that the time has come to end the pilot phase, in which we were “testing the tests”. After August 8th, 2017, the Relying Party Certification program will join the OpenID Provider Certification program in production […]


OpenID Implementer’s Drafts of Four MODRNA Specifications Approved

The OpenID Foundation membership has approved these specifications as OpenID Implementer’s Drafts. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. OpenID Connect MODRNA Authentication Profile 1.0 OpenID Connect Account Porting OpenID Connect User Questioning API 1.0 OpenID Connect MODRNA […]


Examples added to OpenID Connect Token Bound Authentication spec

OpenID Connect Token Bound Authentication 1.0 draft 01 adds examples showing the flows in action. Thanks to Brian Campbell for adding them! This draft also adds a Security Considerations paragraph describing that additional security tokens can also be token bound, including cookies, access tokens, refresh tokens, and authorization codes. This […]


Notice of Vote for Implementer’s Drafts of Four MODRNA Specifications

The official voting period will be between Friday, April 21 and Friday, April 28, 2017, following the 45 day review of the specifications. For the convenience of members, voting will actually open a week before this on Friday, April 14 for members who have completed their reviews by then, with […]


OpenID Connect Logout Implementer’s Drafts Approved

The OpenID Foundation membership has approved these specifications as OpenID Implementer’s Drafts. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. Session Management – Defines how to manage OpenID Connect sessions, including postMessage-based logout functionality Front-Channel Logout – Defines a […]


Notice of Vote for Implementer’s Drafts of OpenID Connect Logout Specifications

The official voting period will be between Tuesday, March 21 and Tuesday, March 28, 2017, following the 45 day review of the specification. For the convenience of members, voting will actually open a week before Tuesday, March 21 on Tuesday, March 14 for members who have completed their reviews by […]


OpenID Connect Relying Party Certification Adoption

The adoption of the new OpenID Connect Relying Party (RP) Certification has exceeded our expectations – especially the surprising number of early adopters who tested a wide variety of implementations. The tests were improved at an accelerating rate, with many organizations actively “testing the tests”. All of the OpenID Foundation’s […]


Review of Proposed Implementer’s Drafts of OpenID Connect Logout Specifications

The OpenID Connect Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: Session Management – Defines how to manage OpenID Connect sessions, including postMessage-based logout functionality Front-Channel Logout – Defines a front-channel logout mechanism that does not use an OP iframe on RP pages Back-Channel Logout – […]