The OpenID Foundation enables deployments of OpenID Connect and the Financial-grade API (FAPI) Read/Write Profile to be certified to specific conformance profiles to promote interoperability among implementations. The OpenID Foundation’s certification process utilizes self-certification and conformance test suites developed by the foundation. Certified implementations can use the “OpenID Certified” certification mark.
Here’s some news and places to learn more about the OpenID Certification program:
- NEW! Certification for deployments of the Financial-grade API Client Initiated Backchannel Authentication Profile (FAPI-CIBA) launched in September 2019.
- NEW! Certification for OP deployments of logout functionality launched on August 1, 2019. Please test the tests!
- The certification instructions describe how to certify your deployments.
- OpenID Certification Frequently Asked Questions (FAQ)
- Certified OpenID Connect implementations are featured for developers at http://openid.net/developers/certified/.
Certified OpenID Providers
These deployments have been granted certifications for these OpenID Provider conformance profiles:
| Organization | Implementation | Basic OP | Implicit OP | Hybrid OP | Config OP | Dynamic OP | Form Post OP | 3rd Party-Init OP |
|---|---|---|---|---|---|---|---|---|
| Akamai | Identity Cloud | 12-Sep-2019 | 12-Sep-2019 | |||||
| Arizona Regional Multiple Listing Service | ARMLS Identity 2.0.2 | 21-Feb-2019 | ||||||
| Auth0 | Auth0 | 24-May-2016 | 15-Feb-2017 | 15-Feb-2017 | 24-May-2016 | 13-Aug-2018 | ||
| Authlete | Authlete 1.1 | 12-Jul-2017 | 12-Jul-2017 | 12-Jul-2017 | 12-Jul-2017 | |||
| Authlete | Authlete 2.1 | 5-Aug-2019 | 5-Aug-2019 | 5-Aug-2019 | 5-Aug-2019 | 5-Aug-2019 | 5-Aug-2019 | |
| AuthMachine | AuthMachine 4.0.7 | 19-Jul-2018 | 19-Jul-2018 | 19-Jul-2018 | 19-Jul-2018 | 19-Jul-2018 | 19-Jul-2018 | |
| Dominick Baier & Brock Allen | IdentityServer3 v1.6 | 8-May-2015 | 8-May-2015 | 8-May-2015 | 8-May-2015 | |||
| Dominick Baier & Brock Allen | IdentityServer4 | 12-Dec-2016 | 12-Dec-2016 | 12-Dec-2016 | 12-Dec-2016 | |||
| City of Beverly Hills | COBH Identity | 12-Mar-2019 | 12-Mar-2019 | 12-Mar-2019 | 12-Mar-2019 | 12-Mar-2019 | ||
| CA | CA API Gateway/CA Mobile API Gateway | 22-Jun-2017 | 1-Nov-2017 | 1-Nov-2017 | 22-Jun-2017 | |||
| CA | CA Single Sign-On 12.8.2 | 4-Feb-2019 | 4-Feb-2019 | 4-Feb-2019 | ||||
| Chinese Academy of Sciences, DACAS | DACAS UA Gateway v1.0 | 24-Apr-2019 | 26-Mar-2019 | 24-Apr-2019 | ||||
| Clareity Security | Identity Provider v6.3.4 | 4-May-2016 | 23-Jun-2016 | 23-Jun-2016 | 23-Jun-2016 | |||
| ClassLink | ClassLink OneClick 2015 | 3-Nov-2015 | 3-Nov-2015 | |||||
| Classmethod | Barista v.1.18.2 | 9-Nov-2017 | 9-Nov-2017 | |||||
| Cloudentity | Cloudentity OIDC services 1.3 | 18-Aug-2017 | 18-Aug-2017 | 18-Aug-2017 | ||||
| Cloud Foundry | UAA v60 | 27-Aug-2018 | ||||||
| Connect2id | Connect2id Server 6.1.2a | 3-Jan-2017 | 3-Jan-2017 | 3-Jan-2017 | 3-Jan-2017 | 3-Jan-2017 | ||
| Curity | Curity Identity Server 2.3.1 | 20-Dec-2017 | 20-Dec-2017 | 20-Dec-2017 | 20-Dec-2017 | |||
| Curity | Curity Identity Server 4.3.0 | 20-Sep-2019 | 20-Sep-2019 | 20-Sep-2019 | 20-Sep-2019 | 20-Sep-2019 | 20-Sep-2019 | 20-Sep-2019 |
| CZ.NIC | mojeID | 7-Jul-2016 | 31-Jul-2016 | 7-Jul-2016 | 7-Jul-2016 | |||
| Deutsche Telekom | Telekom Login | 29-Sep-2015 | 22-Sep-2015 | |||||
| ForgeRock | OpenAM 13 | 13-Apr-2015 | 13-Apr-2015 | 13-Apr-2015 | 13-Apr-2015 | |||
| Gluu | Gluu Server 3.1.3 | 18-Jul-2018 | 18-Jul-2018 | 18-Jul-2018 | 18-Jul-2018 | 18-Jul-2018 | 18-Jul-2018 | |
| Google Federated Identity | 20-Apr-2015 | 21-Apr-2015 | 23-Apr-2015 | 15-Apr-2015 | ||||
| GrabTaxi Holdings | Grab ID 1.0 | 6-Feb-2019 | 7-Feb-2019 | |||||
| GraviteeSource | Gravitee.io Access Management 2.1.x | 6-Nov-2018 | 6-Nov-2018 | 6-Nov-2018 | 16-Nov-2018 | |||
| GSMA | Mobile Connect Reference Implementation v2.3 | 18-May-2018 | ||||||
| Thierry Habart | SimpleIdentityServer V1.0.0 | 9-Dec-2015 | 11-Dec-2015 | |||||
| Thierry Habart | SimpleIdentityServer V2.0.0 | 19-Jan-2016 | 19-Jan-2016 | 19-Jan-2016 | 19-Jan-2016 | 19-Jan-2016 | ||
| Hanscan | Biocryptology OpenID Identity Server 1.3.1 | 31-May-2017 | 31-May-2017 | 31-May-2017 | 31-May-2017 | |||
| Roland Hedberg | pyoidc 0.7.7 | 26-Sep-2015 | 26-Sep-2015 | 26-Sep-2015 | 26-Sep-2015 | 26-Sep-2015 | ||
| Cal Heldenbrand | Spark Platform | 2-Oct-2015 | 2-Oct-2015 | 2-Oct-2015 | 5-Oct-2015 | |||
| IBM | IBM Cloud Identity | 11-Sep-2019 | 11-Sep-2019 | 11-Sep-2019 | 11-Sep-2019 | 11-Sep-2019 | ||
| IBM | IBM Security Access Manager V9.0.7 | 27-Aug-2019 | 27-Aug-2019 | 27-Aug-2019 | 27-Aug-2019 | 27-Aug-2019 | 27-Aug-2019 | |
| Identity Automation | RapidIdentity Federation | 12-Jan-2018 | 12-Jan-2018 | |||||
| i-Sprint Innovations | AccessMatrix UAM | 23-Aug-2018 | 23-Aug-2018 | 23-Aug-2018 | ||||
| KSIGN | KSign Access 4.0 | 17-Mar-2017 | ||||||
| The Library of Congress | Authentication, Authorization, and Accounting System, version 1.0 | 12-May-2017 | ||||||
| LINE | LINE Login | 15-Jun-2018 | ||||||
| Micro Focus | Micro Focus Access Manager 4.4 Service | 13-May-2019 | 13-May-2019 | 13-May-2019 | 13-May-2019 | |||
| Microsoft | ADFS on Windows Server 2016 | 13-Sep-2015 | 13-Sep-2015 | 7-Apr-2015 | ||||
| Microsoft | Azure Active Directory V1 | 15-Mar-2019 | 8-Apr-2015 | 15-Mar-2019 | ||||
| Microsoft | Azure Active Directory V2 | 15-Jan-2019 | 15-Jan-2019 | 15-Jan-2019 | 15-Jan-2019 | |||
| Microsoft | IEF Experimental Claimer V0.9 | 9-May-2018 | 9-May-2018 | |||||
| Mvine | Mvine Federated Identity Hub v1 | 1-Aug-2017 | ||||||
| NEC | NC7000-3A-OC | 7-Mar-2016 | ||||||
| NextReason | Next Reason Central Identity | 18-Sep-2018 | 18-Sep-2018 | |||||
| Nomura Research Institute | phpOIDC | 10-Apr-2015 | 10-Apr-2015 | 10-Apr-2015 | 10-Apr-2015 | 10-Apr-2015 | ||
| Nomura Research Institute | Uni-ID | 10-Apr-2015 | ||||||
| NRI SecureTechnologies | Uni-ID Libra 1.0 | 28-Jul-2017 | 28-Jul-2017 | 28-Jul-2017 | 28-Jul-2017 | |||
| NTT Software Corporation | TrustBind/Federation Manager | 26-Jan-2017 | 26-Jan-2017 | 26-Jan-2017 | ||||
| OGIS-RI | ThemiStruct Identity Platform v1.1.0 | 7-Oct-2016 | 7-Oct-2016 | 7-Oct-2016 | ||||
| OGIS-RI | ThemiStruct Identity Platform v1.3.0 | 28-Apr-2017 | 25-May-2017 | 28-Apr-2017 | ||||
| OGIS-RI | ThemiStruct Identity Platform v2.0.0 | 5-Mar-2018 | 5-Mar-2018 | 5-Mar-2018 | ||||
| OGIS-RI | ThemiStruct Identity Platform v2.2.0 | 20-Nov-2018 | 20-Nov-2018 | 20-Nov-2018 | 20-Nov-2018 | |||
| OGIS-RI | ThemiStruct Identity Platform v2.4.0 | 22-Jul-2019 | 22-Jul-2019 | 22-Jul-2019 | 22-Jul-2019 | |||
| Okta | Okta OP | 25-May-2016 | 26-May-2016 | 26-May-2016 | 26-May-2016 | 16-Jul-2018 | ||
| Onegini | Onegini Connect 5.0 | 9-Nov-2018 | 9-Nov-2018 | 9-Nov-2018 | ||||
| OpenAthens | OpenAthens Cloud | 3-Oct-2017 | 24-Oct-2017 | |||||
| Optimal IdM | TheOptimalCloud 4.2 | 19-Oct-2017 | 24-Oct-2017 | |||||
| Oracle | Oracle Identity Cloud Service 16-Apr-2018 | 16-Apr-2018 | 16-Apr-2018 | 16-Apr-2018 | 16-Apr-2018 | |||
| ORY GmbH | ORY Hydra v1.0.0 | 14-Jul-2018 | 14-Jul-2018 | 14-Jul-2018 | 14-Jul-2018 | 14-Jul-2018 | ||
| Oxyliom | GAÏA Trust Platform 4.4 | 9-Jun-2019 | 15-Jun-2019 | |||||
| PayPal | Login with PayPal | 15-Apr-2015 | ||||||
| Peercraft ApS | Peercraft | 19-Jan-2016 | 19-Jan-2016 | 19-Jan-2016 | 19-Jan-2016 | 19-Jan-2016 | ||
| Ping Identity | PingFederate 8.0 | 10-Apr-2015 | 10-Apr-2015 | 10-Apr-2015 | 9-Apr-2015 | |||
| Ping Identity | PingFederate 9.1.3 | 28-Sep-2018 | 28-Sep-2018 | 28-Sep-2018 | 28-Sep-2018 | 28-Sep-2018 | ||
| Ping Identity | PingOne for Enterprise 16.6.148 | 25-Feb-2019 | 25-Feb-2019 | 25-Feb-2019 | 25-Feb-2019 | 25-Feb-2019 | ||
| Pivotal | Pivotal Cloud Foundry 2.2 UAA | 17-Jul-2018 | ||||||
| Privacy Vaults Online (PRIVO) | PRIVO-Lock | 23-Oct-2015 | 25-Nov-2015 | |||||
| ProSiebenSat.1 Media | 7Pass ^2.0.0 | 7-Aug-2017 | 7-Aug-2017 | 21-Aug-2017 | 7-Aug-2017 | |||
| Recruit | Recruit ID | 16-May-2018 | ||||||
| Red Hat | Keycloak 2.3.0 | 31-Oct-2016 | 31-Oct-2016 | 31-Oct-2016 | 31-Oct-2016 | 31-Oct-2016 | ||
| Justin Richer | MITREidConnect | 13-May-2015 | 13-May-2015 | 13-May-2015 | ||||
| Salesforce | Summer 2015 Release | 14-May-2015 | ||||||
| Michael Schwartz | Gluu Server 2.3 | 2-Jul-2015 | 2-Jul-2015 | 8-Jul-2015 | 2-Jul-2015 | 2-Jul-2015 | ||
| Michael Schwartz | Gluu Server 3.1.1 | 16-Oct-2017 | 16-Oct-2017 | 16-Oct-2017 | 16-Oct-2017 | 16-Oct-2017 | 6-Jul-2018 | |
| SecureAuth | SecureAuth IdP 8.2 | 25-Feb-2016 | 25-Feb-2016 | 25-Feb-2016 | 7-Mar-2016 | |||
| Filip Skokan | node oidc-provider | 2-Jan-2017 | 2-Jan-2017 | 2-Jan-2017 | 2-Jan-2017 | 2-Jan-2017 | 25-Jun-2018 | 23-Sep-2019 |
| SoftBank | SoftBank OIDC v1.0 | 15-Jan-2019 | ||||||
| Symantec | NSL 2016.4.0.16 | 13-Oct-2016 | 13-Oct-2016 | |||||
| Tools4ever | HelloID 4.8.0 | 22-Aug-2018 | ||||||
| Trivore | Trivore Identity Service 3.0 | 26-Aug-2019 | 26-Aug-2019 | 26-Aug-2019 | 26-Aug-2019 | |||
| U2U Consult | The Identity Hub v1 | 17-Oct-2018 | 22-Oct-2018 | 23-Oct-2018 | ||||
| University of Chicago | OIDC OP Overlay for Shibboleth IdP v3.2.1 version 1.0 | 25-Feb-2016 | 25-Feb-2016 | |||||
| Verimi | Verimi 1.2 | 19-Oct-2018 | 31-Oct-2018 | |||||
| Verizon | VZConnect 1.9 | 21-Dec-2016 | ||||||
| Videntity Systems | Verify My Identity 0.1.1 | 29-Nov-2018 | 29-Nov-2018 | |||||
| ViewDS | Cobalt V1.0 | 28-Jan-2016 | 2-Feb-2016 | 28-Jan-2016 | ||||
| VMware | Workspace ONE | 18-Apr-2018 | 18-Apr-2018 | 18-Apr-2018 | 18-Apr-2018 | |||
| WidasConcepts | cidaas 2.0 | 11-Apr-2018 | 19-Apr-2018 | 16-Apr-2018 | 11-Apr-2018 | |||
| Matias Woloski | Auth0 | 6-Feb-2016 | 8-Feb-2016 | |||||
| WSO2 | Identity Server 5.4.0 | 15-Jan-2018 | 15-Jan-2018 | 20-Jul-2018 | 20-Jul-2018 | |||
| Yahoo! Japan | Yahoo! ID Federation v2 | 7-Dec-2016 | 7-Dec-2016 | 7-Dec-2016 | 7-Dec-2016 |
Certified Relying Parties
These deployments have been granted certifications for these Relying Party conformance profiles:
| Organization | Implementation | Basic RP | RP Implicit | Hybrid RP | Config RP | Dynamic RP | Form Post RP | 3rd Party-Init RP |
|---|---|---|---|---|---|---|---|---|
| Brock Allen | oidc-client-js 1.3 | 4-Feb-2017 | 7-Feb-2017 | |||||
| Dominick Baier | IdentityModel.OidcClient 2.0 | 27-Jan-2017 | 6-Feb-2017 | |||||
| Damien Bowden | angular-auth-oidc-client 1.0.2 | 21-Jun-2017 | 11-Aug-2017 | |||||
| F5 Networks | BIG-IP 13.1.0 Evergreen | 7-Jul-2017 | ||||||
| Thierry Habart | SimpleIdentityServer V1.0.1 | 17-Jan-2017 | 17-Jan-2017 | 17-Jan-2017 | 17-Jan-2017 | 17-Jan-2017 | ||
| Janrain | IDPD 2.6.0 | 7-Feb-2017 | ||||||
| Roland Hedberg | pyoidc 0.9.4 | 20-Dec-2016 | 20-Dec-2016 | 20-Dec-2016 | 20-Dec-2016 | 20-Dec-2016 | ||
| Roland Hedberg | oidcrp 0.4.0 | 16-Apr-2018 | 16-Apr-2018 | 16-Apr-2018 | 16-Apr-2018 | 16-Apr-2018 | ||
| IBM | Open Liberty 18.0.0.4 | 26-Oct-2018 | ||||||
| IBM | WebSphere Liberty 18.0.0.4 | 26-Oct-2018 | ||||||
| Tom Jones | TC.AUTHENTICATION 1.0 | 30-Jun-2017 | ||||||
| Karlsruher Institut für Technologie, SCC | oidcc 1.0.1 | 2-Feb-2017 | 2-Feb-2017 | |||||
| KSIGN | KSign Trust Thing 1.0 | 2-Jan-2018 | ||||||
| KSIGN | KSign Trust Thing 1.1 | 3-Oct-2018 | ||||||
| Nomura Research Institute | phpOIDC 2016 Winter | 7-Feb-2017 | 7-Feb-2017 | 7-Feb-2017 | 7-Feb-2017 | 7-Feb-2017 | ||
| Nov Matake | openid_connect rubygem v1.0.3 | 20-Jan-2017 | ||||||
| Ping Identity | PingAccess 4.2.2 | 26-Jan-2017 | ||||||
| Ping Identity | PingFederate 8.3.1 | 17-Jan-2017 | 31-Jan-2017 | |||||
| Ping Identity | PingFederate 9.2.1 | 4-Feb-2019 | 4-Feb-2019 | 4-Feb-2019 | ||||
| Filip Skokan | node openid-client ^1.3.0 | 15-Dec-2016 | 15-Dec-2016 | 15-Dec-2016 | 15-Dec-2016 | 15-Dec-2016 | ||
| Filip Skokan | node openid-client ^2.0.0 | 12-Apr-2018 | 12-Apr-2018 | 12-Apr-2018 | 12-Apr-2018 | 12-Apr-2018 | 29-Jun-2018 | |
| Filip Skokan | node openid-client ^3.0.0 | 11-May-2019 | 11-May-2019 | 11-May-2019 | 11-May-2019 | 11-May-2019 | 11-May-2019 | |
| Manfred Steyer | angular-oauth2-oidc 2.0.5 | 16-Aug-2017 | ||||||
| ZmartZone IAM | lua-resty-openidc 1.5.1 | 17-Nov-2017 | 17-Nov-2017 | |||||
| ZmartZone IAM | mod_auth_openidc 2.3.1 | 21-Jul-2017 | 21-Jul-2017 | 21-Jul-2017 | 21-Jul-2017 | 21-Jul-2017 |
Certified Financial-grade API (FAPI) OpenID Providers
These deployments have been granted certifications for these Financial-grade API (FAPI) conformance profiles:
| Organization | Implementation | FAPI R/W OP w/ MTLS | FAPI R/W OP w/ Private Key |
|---|---|---|---|
| Authlete | Authlete 2.1 | 1-Apr-2019 [view] | 1-Apr-2019 [view] |
| Cater Allen | CA Open Banking v1.3.0 | 4-Sep-2019 [view] | |
| Coutts & company | F23 | 27-Sep-2019 [view] | |
| Curity | Curity Identity Server 4.3.0 | 20-Sep-2019 [view] | 20-Sep-2019 [view] |
| ForgeRock | ForgeRock Financial 3.1.0-credence | 1-Apr-2019 [view] | |
| Ozone | Ozone Sandbox v3.1 | 6-Jun-2019 [view] | 6-Jun-2019 [view] |
| Ping Identity | PingFederate 9.2.3 | 29-May-2019 [view] | |
| Sainsbury’s Bank PLC | Sainsbury’s Bank Digital IAM Platform (version 19.8.8) | 9-Aug-2019 [view] | |
| Filip Skokan | node oidc-provider ^6.5.0 | 20-Aug-2019 [view] | 20-Aug-2019 [view] |
Certified Financial-grade API Client Initiated Backchannel Authentication Profile (FAPI-CIBA) OpenID Providers
These deployments have been granted certifications for these Financial-grade API Client Initiated Backchannel Authentication Profile (FAPI-CIBA) conformance profiles:
| Organization | Implementation | FAPI-CIBA OP poll w/ MTLS | FAPI-CIBA OP poll w/ Private Key | FAPI-CIBA OP Ping w/ MTLS | FAPI-CIBA OP Ping w/ Private Key |
|---|---|---|---|---|---|
| Authlete | Authlete 2.1 | 16-Sep-2019 [view] | 16-Sep-2019 [view] | 16-Sep-2019 [view] | 16-Sep-2019 [view] |