Guest Blog


Cisco Joins the OpenID Foundation Board, Signaling the Importance of Shared Signals to a Future of Zero Trust

Cisco has joined the OpenID Foundation as a sustaining member, effective November 2021. As Gail Hodges, the Executive Director of the OpenID Foundation said, “Cisco has played a pivotal role in building networked systems that underpin the internet today. We are honored to have Cisco join the Board at this […]


Shared Signals: An Open Standard for Webhooks

New OpenID Foundation draft enables secure and privacy protected webhooks to power an “API-First” world Author: Atul Tulshibagwale   APIs are an increasingly important aspect of software today, and “API-First” is the mantra being followed in a lot of new software development. A critical aspect of efficient APIs is their […]


Guest Blog: Financial-grade API (FAPI), Explained by an Implementer – Updated

NOTE: This article was updated to align to the FAPI 1.0 Final version which was published in March, 2021. CLICK HERE TO VIEW THIS BLOG IN PORTUGUESE Introduction Financial-grade API (FAPI) is a technical specification that Financial-grade API Working Group of OpenID Foundation has developed. It uses OAuth 2.0 and OpenID Connect (OIDC) as its base and defines additional technical requirements […]


Guest Blog: SecureAuth’s OpenID Foundation Membership Drives Interoperability and Authentication for Customer Identity Security Across Cloud and Mobile

Today, SecureAuth is an official member of the OpenID Foundation a non-profit international standardization organization committed to enabling, promoting and protecting OpenID technologies. As a distinguished member of the Foundation, SecureAuth also now has a voice in the elections for the governing body. SecureAuth Innovation Labs is dedicated to actively […]


Guest Blog: Implementing App-to-App Authorisation in OAuth2/OpenID Connect

What is app2app? App2app is a mechanism that allows mobile apps performing OAuth2 or OpenID Connect based authentication to offer a much simpler faster flow if the user already has an app provided by the authorization server owner installed on their mobile device. Here’s how it actually looks when I […]