What are OpenID Specifications

OpenID specifications are developed by working groups in three phases: Drafts, Implementer’s Drafts, and Final Specifications. Implementer’s Drafts and Final Specifications provide intellectual property protections to implementers. Final Specifications are OpenID Foundation standards.

Final Specifications

Specifications with Implementer's Drafts

  • FastFed Core 1.0 – FastFed simplifies the administrative effort to configure identity federation between an identity provider and a hosted application. The specification defines metadata documents, APIs, and flows to enable an administrator to quickly connect two providers that support common standards such as OpenID Connect, SAML, and SCIM, and allows configuration changes to be communicated directly between the identity provider and hosted application on a recurring basis.
    – Most recent Implementer’s Draft 
  • FastFed 1.0 SAML Profile – This specification defines the requirements to implement the FastFed Enterprise SAML Profile.
    – Most recent Implementer’s Draft 
  • FastFed 1.0 SCIM Profile – This specification defines the requirements to implement the FastFed Profile for SCIM 2.0 Enterprise provisioning. This profile supports continual provisioning, update, and deprovisioning of end-users between the Identity Provider and Application Provider.
    – Most recent Implementer’s Draft 
  • OpenID Connect MODRNA Authentication Profile – RPs are keen to use high quality authentication methods, which can be provided by Mobile Network Operators (MNO). However a RP must be able to describe its demands for an authentication request and it must be able to do this in an interoperable way. The MODRNA Authentication Profile will specify how RP’s request a certain level of assurance for the authentication. In addition, the profile will specify an encrypted login hint token to allow for the transport of user identifiers to the OP in a privacy preserving fashion. Lastly, the profile will specify an additional message parameter intended to serve as an interlock between the user’s consumption device and authentication device.
    – Most recent Implementer’s Draft 
  • OpenID Connect Account Porting – This specification defines mechanisms to support a user porting from one OpenID Connect Provider to another, such that relying parties can automatically recognize and verify the change.
    – Most recent Implementer’s Draft 
  • OpenID Connect User Questioning API – This specification defines an API offered by an OpenID Provider (OP) that can be used by an application to send a question to a user of the OP. The user does not need to be interacting with the application when the question is asked. The user’s answer is returned asynchronously, digitally-signed by the OP.

    – Most recent Implementer’s Draft

  •  
  • AuthZEN 1.0 – Defines the API for a Policy Enforcement Point requesting an authorization decision from a Policy Decision Point.