The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the second FAPI 2.0 Implementer’s […]
Voting will begin on Monday, January 9, 2023 and end on Monday, January 23, 2023, now that the 45-day review of the specifications has been completed. The Financial-grade API (FAPI) working group page is https://openid.net/wg/fapi/. If you’re not already a member, or if your membership has expired, please consider joining […]
The OpenID Foundation’s FAPI working group is pleased to announce the public review period has started for new Implementer’s Drafts of the FAPI 2.0 Security Profile and the FAPI 2.0 Attacker Model. These drafts coincide with the recently completed formal security analysis of the FAPI 2.0 specifications, the result of […]
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public […]
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Final Specification: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available […]
The official voting period will be between Thursday, October 27, 2022 and Thursday, November 3, 2022, once the 60-day review of the specification has been completed. For the convenience of members, voting will actually begin on Thursday, October 20, 2022 for members who have completed their reviews by then. The […]
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Final Specification: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the […]
Last updated: February 2023. In one paragraph, FAPI 1.0 Advanced is secure, stable, and complete Final Specification with a certification test suite while FAPI 2.0 is still in development so new features can be incorporated. FAPI 2.0 Security Profile has been through a formal security analysis in the same way […]
The OpenID Foundation is delighted see the Financial Data Exchange’s recent announcement that FDX’s Financial-Grade API Security Specification v3.4 (companion to FDX API v5) supports the FAPI 1.0 Advanced and CIBA standards: “Alignment with Globally Interoperable Standards – The FDX API Security Specification v3.4 now references, supports and recommends utilization of […]
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. The Implementer’s Draft is available at: https://openid.net/specs/fapi-grant-management-ID1.html The voting […]