OpenID Foundation’s Financial API (FAPI) Working Group has advised the foundation to start the public review period for consideration as an Implementer’s Draft for the specification:
It is a specification that documents the security profiles of OAuth 2.0 and OpenID Connect to be used in the protection of financial APIs. It states the requirements and recommendations (which combined are called “provisions”) that Authorization Servers, Clients, and Protected Resources must follow.
The relevant dates are as follows.
- Public review period: 2016-12-19 to 2017-02-02 (45 days)
- Implementer’s Draft vote announcement: 2017-01-20
- Implementer’s Draft voting period: 2017-02-03 to 2017-02-10 (7 days)*
* Note: Pre-voting before the start of the formal voting will be allowed.
Update:As a result of the public review, the specification has been updated twice to address editorial issues identified. As a result, the Implementer’s Draft adoption vote will apply to this revised version: