Submission of Results for FAPI Read/Write OPs


This page describes how to submit completed FAPI-RW OP conformance testing results to the OpenID Foundation to request OpenID Certifications. Before submission, first all tests must be successfully passed for the desired conformance profiles and testing results gathered, as described in the FAPI Read/Write OP Testing Instructions. All tests MUST be in the ‘FINISHED’ status. Note that results with warnings are acceptable for certification purposes.

For each profile and client authentication type being certified to, the following information must be submitted in its own certification package:

  1. A signed copy of the Certification of Conformance (docx) (PDF) naming that profile. This should use the filename OpenID-Certification-of-Conformance.pdf in the submitted results. (A different extension such as .jpg for the scanned document may be used as appropriate.)
  2. A copy of the Certification Terms and Conditions document accompanying the Certification of Conformance. This must use the filename OpenID-Certification-Terms-and-Conditions.pdf in the submitted results. (This document is not signed but is included for completeness since it is referenced from the Certification of Conformance.)
  3. Signed Test log files for each test in the test plan. Each log file should be retrieved using the “Download Logs” button on the plan result web page. The original filename as downloaded should be retained.
  4. A text file with the filename OpenID-Certification-plan-url.txt containing the url for the test plan results page.

The certification package should consist of a single .zip or .tar file containing all the files and using the paths above. The filename should contain the name of the organization, the software being certified, the profile being certified to, the client authentication type and the current date. For example, a certification request by the ProseWare organization of its “Humongous Identity” software for the OP FAPI-RW profile, second implementers draft, using OAuth MTLS client authentication on April 1, 2019 should use a filename like ProseWare-Humongous_Identity-OP-FAPI-RW-ID2-OAuth-MTLS-1-Apr-2019.zip.

Example values for the blanks in the Certification of Conformance (docx) (PDF) are as follows:

  • Name of Entity (“Implementer”) Making this Certification: ProseWare
  • Software or Service (“Deployment”) Name & Version #: Humongous Identity 3.14159
  • OpenID Connect Conformance Profile: OP FAPI-RW ID2 OAuth-MTLS
  • Conformance Test Suite Software & Version #: www.certification.openid.net 2.0.99
  • Test Date: April 1, 2019
  • Authorized Signature: HQB
  • Name: Harry Q. Bovik
  • Title: Senior Computer Scientist
  • Date: April 1, 2019
  • Implementer’s Name: Jane Doe
  • Implementer’s Title: Programmer Extraordinaire
  • Implementer’s Phone: +1 (412) 555-1234
  • Implementer’s Email: jane@proseware.org
  • Implementer’s Address: 5000 Forbes Ave.
  • Implementer’s City, State/Province, Postal Code: Pittsburgh, PA 15213
  • Implementer’s Country: United States of America

The conformance test suite software version number can be found at the bottom homepage after logging in, and is also present in the JSON log file.

The certification package must be sent to the OpenID Foundation as an attachment at certification@oidf.org. The subject line of the e-mail request should be along the lines of “Certification request by ProseWare of Humongous Identity for the OP FAPI-RW ID2 profile”. If receipt of the submission is not acknowledged within two days (or three days if over a weekend), feel free to inquire about whether it was received by e-mailing a message without the attachment (to keep the size of the inquiry small) to certification@oidf.org, cc’ing director@oidf.org.

A fee is required for FAPI OP certifications. See the OpenID Certification Fee Schedule page for more information. Please pay for your certification application at the Certification Payment page when you make your submission.