Tag Archives : OpenID Connect


OpenID Implementer’s Drafts of Four MODRNA Specifications Approved

The OpenID Foundation membership has approved these specifications as OpenID Implementer’s Drafts. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. OpenID Connect MODRNA Authentication Profile 1.0 OpenID Connect Account Porting OpenID Connect User Questioning API 1.0 OpenID Connect MODRNA […]


Examples added to OpenID Connect Token Bound Authentication spec

OpenID Connect Token Bound Authentication 1.0 draft 01 adds examples showing the flows in action. Thanks to Brian Campbell for adding them! This draft also adds a Security Considerations paragraph describing that additional security tokens can also be token bound, including cookies, access tokens, refresh tokens, and authorization codes. This […]


Notice of Vote for Implementer’s Drafts of Four MODRNA Specifications

The official voting period will be between Friday, April 21 and Friday, April 28, 2017, following the 45 day review of the specifications. For the convenience of members, voting will actually open a week before this on Friday, April 14 for members who have completed their reviews by then, with […]


OpenID Connect Logout Implementer’s Drafts Approved

The OpenID Foundation membership has approved these specifications as OpenID Implementer’s Drafts. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. Session Management – Defines how to manage OpenID Connect sessions, including postMessage-based logout functionality Front-Channel Logout – Defines a […]


Notice of Vote for Implementer’s Drafts of OpenID Connect Logout Specifications

The official voting period will be between Tuesday, March 21 and Tuesday, March 28, 2017, following the 45 day review of the specification. For the convenience of members, voting will actually open a week before Tuesday, March 21 on Tuesday, March 14 for members who have completed their reviews by […]


OpenID Connect Relying Party Certification Adoption

The adoption of the new OpenID Connect Relying Party (RP) Certification has exceeded our expectations – especially the surprising number of early adopters who tested a wide variety of implementations. The tests were improved at an accelerating rate, with many organizations actively “testing the tests”. All of the OpenID Foundation’s […]


Review of Proposed Implementer’s Drafts of OpenID Connect Logout Specifications

The OpenID Connect Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: Session Management – Defines how to manage OpenID Connect sessions, including postMessage-based logout functionality Front-Channel Logout – Defines a front-channel logout mechanism that does not use an OP iframe on RP pages Back-Channel Logout – […]


Initial OpenID Connect Enhanced Authentication Profile (EAP) Specifications

The OpenID Enhanced Authentication Profile (EAP) working group charter states that: The purpose of this working group is to develop a security and privacy profile of the OpenID Connect specifications that enable users to authenticate to OpenID Providers using strong authentication specifications. The resulting profile will enable use of IETF […]


Preventing Mix-Up Attacks with OpenID Connect   Recently updated !

Recently the OAuth community has been concerned with some attack vectors around mixed up clients, particularly when dynamic client registration and discovery are used with user-selected OpenID Providers. Broadly, the attacks consist of using dynamic client registration, or the compromise of an OpenID Provider (OP), to trick the Relying Party […]


Building on What’s Built: OpenID Certification Momentum

At the OpenID Certification Launch in April 2015, 6 organizations had certified 8 OpenID Connect Provider implementations for 21 conformance profiles. Now, as you can see at http://openid.net/certification/, 14 organizations and individuals have certified 16 OpenID Connect Provider implementations for 48 conformance profiles. The OpenID Foundation has championed self-certification as […]