Digital identity security is entering a new era as the OpenID Connect Core 1.0 specification has been formally adopted, by incorporation, by the International Telecommunication Union (ITU) as Recommendation X.1285. This milestone represents the first time an OpenID Foundation (OIDF) specification has been recognized as an ITU-T standard, and it offers implementers even more confidence in the stability of digital IDs. Publication by the ITU will follow.

The OpenID Connect standard is now used by billions of people across millions of applications. In the last five years, the Financial Grade API has become the standard of choice for Open Banking and Open Data implementations, allowing people to access and share data across entities. Today, the OpenID Foundation’s standards are the connective tissue to enable people to assert their identity and access their data at scale, the scale of the internet, enabling ‘networks of networks’ to interoperate globally.

This new Recommendation has been driven by the collaborative work of ITU-T Study Group 17 on standards-based authentication and identity frameworks that support secure, interoperable, and privacy-preserving digital ecosystems.

This recommendation by ITU-T places OpenID Connect Core 1.0 alongside other internationally significant identity specifications, such as the OSIA family of APIs (X.1281), which were recognized by ITU-T in March 2024, and the FIDO2 family of protocols, which were similarly recognized by ITU-T since the March 2018 ITU-T SG17 meeting.

Celebrating a team achievement

Securing ITU-T approval for an OpenID Foundation specification was no small feat. Over the past two years, ITU-T leaders, the OpenID Connect Working Group, and national delegations have reviewed the OpenID Connect Core 1.0 specifications and built the consensus needed for formal ITU-T Recommendation.

A heartfelt ‘thank you’ goes to:

• Arnaud Taddei, Chair of ITU-T Study Group 17 (SG17) (Security)
• Abbie Barbir, Co-Rapporteur for ITU-T SG17 Question 10 (Q10/17) (Identity Management)
• Hiroshi Takechi, Co-Rapporteur for ITU-T SG17 Question 10 (Q10/17) (Identity Management)
• Debora Comparin, Chair of ITU-T SG17 Working Party 1 (WP1/17)
• Bjorn Hjelm, ITU Liaison and Lead Editor, ITU-T versions of OpenID Connect specifications
• Stephanie de Labriolle, SIA for SIDI Hub Q10 Liaison Manager
• Hiroshi Ota, ITU Secretariat for SG12 & SG15
• Xiaoya Yang, Counsellor of ITU-T Study Group 17 - Security
• Oscar Giovanni León Suárez, Project Manager, Social Investment Solutions
• Mike Jones, Co-chair A/B Connect WG, and OIDF Board Member
• John Bradley, Co-chair A/B Connect WG, and OIDF Board Member
• Nat Sakimura, Co-chair A/B Connect WG, and Chairman, OpenID Foundation

Plus sincere thanks overall to ITU-T SG17 members who found a consensus to consent this text by incorporation, according to the Accelerated Approval Process (AAP), at the closing plenary of its last meeting in April 2025.

“Reaching X.1285 is a landmark success for our community. By incorporating OpenID Connect Core with ITU-T standards, we’re ensuring interoperable, secure identity on a truly global scale,”
—Debora Comparin, ITU-T WP1/17 Chair

“This recognition validates years of work and trust-building between the OpenID Foundation and ITU. It also sets a clear path for other OpenID Foundation specifications to follow, and establishes a solid cornerstone both for the industry and security itself as well as for all member states to adopt and leverage in their overall regulations with urgency on digital wallet, digital public infrastructure, telecommunication/ICTs. ”
—Arnaud Taddei, Chair, ITU-T SG17 / Global Security Strategist, Enterprise Security Group

“This is a milestone for ITU-T SG17 Question 10. We look forward to continued collaboration with OpenID Foundation in all areas including all decentralized Identity specifications. Together we can make these protocols globally accepted and interoperable”

–Abbie Barbir, Co-Rapporteur for ITU-T SG17 Question 10 (Identity Management)

The recognition of OpenID Connect Core by ITU reflects increasing alignment across standards organizations to support international interoperability. These ITU-T standards now serve as critical enablers of global trust frameworks, often being referenced in national policies and regulatory guidance.

A vision realized - thanks to Nat Sakimura

The idea to pursue formal ITU recognition for an OIDF spec originated with Nat Sakimura, a long-time advocate for global standardization. Nat’s early vision, and tireless coordination with national administrations, sparked the initiative:

“We are grateful to the ITU community for this first formal recognition of an OpenID Foundation standard as now an ITU Recommended standard. This recognition is a testament to the existing value of the OpenID Connect Core standard to the global community, and the potential to reach an even wider community with the ITU’s support.”
—Nat Sakimura, Chairman OpenID Foundation

Building on ISO/IEC success

This ITU milestone comes on the heels of another major achievement. In December 2023, the OpenID Foundation submitted a suite of OpenID Connect specifications to the ISO as Publicly Available Specifications (PAS). Following the ISO approval vote, the nine documents were published in 2024.

Before submission, the OpenID Connect Working Group meticulously applied all known errata to the specifications to ensure the ISO versions reflected the most up-to-date, error-free text. Publication of these ISO/IEC standards has already begun to foster broader adoption of OpenID Connect, particularly in jurisdictions requiring compliance with internationally recognized standards bodies.

Looking ahead - more standards on the horizon

With our first ITU and ISO/IEC successes secured, the OpenID Foundation will submit the remaining suite of OpenID Connect specifications, followed by the next wave of formal international OpenID Foundations standards. They include:

1. FAPI 1.0 - ISO PAS submission planned mid-2025, ITU recognition targeted for 2H 2025
2. OpenID for Identity Assurance - ISO PAS submission planned mid-2025, ITU recognition targeted for 2H 2025
3. FAPI 2.0 - targeting ISO PAS submission mid-2025, ITU recognition targeted for 2H 2025

Thank you to everyone who contributed to this journey with ITU, from editors and reviewers to national delegates and community volunteers. Together, we’re strengthening the security, interoperability, and global reach of digital identity. The road ahead is bright. We look forward to more OpenID Foundation specifications achieving formal recognition and empowering secure, seamless user experiences worldwide.

About the OpenID Foundation

The OpenID Foundation (OIDF) is a global open standards body committed to helping people assert their identity wherever they choose. Founded in 2007, we are a community of technical experts leading the creation of open identity standards that are secure, interoperable, and privacy preserving. The Foundation’s OpenID Connect standard is now used by billions of people across millions of applications. In the last five years, the Financial Grade API has become the standard of choice for Open Banking and Open Data implementations, allowing people to access and share data across entities. Today, the OpenID Foundation’s standards are the connective tissue to enable people to assert their identity and access their data at scale, the scale of the internet, enabling “networks of networks” to interoperate globally. Individuals, companies, governments and non-profits are encouraged to join or participate. Find out more at openid.net. 

About ITU-T SG 17

ITU-T Study Group 17 (SG17) is the International Telecommunication Union's (ITU-T) primary body for security standardization. It is the lead study group on Identity Management. It focuses on developing standards to address security aspects of telecommunications, ICTs, and related applications. SG17 works on a wide range of security-related topics, including cybersecurity, security management, and identity management.