Latest News
Current news about the OpenID Foundation and the community at large. Please visit the News Archive to view news older than two years.
OpenID Foundation returns to Gartner IAM Summit to showcase Shared Signals interoperability in action
OpenID Foundation returns to Gartner IAM Summit to showcase Shared Signals interoperability in action OpenID Foundation invites attendees to come along and find out how it is laying the groundwork for safer digital ecosystems leveraging shared signals. December event will demonstrate the game-changing role the OpenID Foundation’s Shared Signals Framework
Notice of Vote for Proposed Implementer’s Draft of OpenID4VP Specification
The official voting period will be between Tuesday, December 17, 2024 and Tuesday, December 24, 2024 (12:00pm PT), once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Tuesday, December 10, 2024. The
AuthZEN Authorization API 1.0 Implementer’s Draft Approved
The OpenID Foundation membership has approved the following AuthZEN specifications as an OpenID Implementer’s Draft: Authorization API 1.0 Implementer’s Draft: https://openid.net/specs/authorization-api-1_0-01.html An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This Implementer’s Draft is a product of the AuthZEN Working
For the Record: The IPSIE WG and OpenID Foundation Processes
We recently shared some exciting news about a new Working Group, Interoperability Profiling for Secure Identity in the Enterprise (IPSIE). However, there have been some misunderstandings in the media coverage that followed the OpenID Foundation’s announcement. The OIDF is keen to clarify our ways of working and affirm that all
FAPI 2.0 Conformance Tests Now Support DPoP
The OpenID Foundation is pleased to announce the release of DPoP (Demonstration of Proof-of-Possession, RFC 9449) support in FAPI 2.0 Conformance Tests. Implementers can now certify their solutions with DPoP, adding an additional layer of security for client authentication. This update follows the beta phase and addresses the community’s feedback
Public Review Period for Proposed Implementer’s Draft of OpenID4VP Specification
The OpenID AB/Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID4VP: https://openid.net/specs/openid-4-verifiable-presentations-1_0-22.html This would be the third Implementer’s Draft of this specification. This version has 3 major changes: Introduces the Digital Credentials Query Language; this is an alternative to Presentation Exchange Introduces the transaction data mechanism
Notice of Vote for Proposed AuthZEN Authorization API 1.0 Implementer’s Draft
The official voting period will be between Thursday, November 7, 2024 and Thursday, November 14, 2024 (12:00pm PT), once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Thursday, October 31, 2024. The AuthZEN work
Revisions to OpenID Process Document and IPR Policy Approved
A subgroup of OpenID Foundation board members and key staff have been working to update the “OpenID Process” document based on issues raised by some board members to ensure the document aligns with how the Foundation currently works. This update addresses those original issues and also identified a significant number
Announcing the IPSIE Working Group
The OpenID Foundation is delighted to announce the formation of the Interoperability Profiling for Secure Identity in the Enterprise (IPSIE) Working Group. This WG aims to tackle key challenges that underlie identity security in today’s enterprise environments. The Core Challenge Identity and Access Management (IAM) within the enterprise is a
10 Years On: OpenID Connect Published as an ISO/IEC Spec
The OpenID Connect Final specification was launched on February 26, 2014 with a vision of increased security, privacy, and usability on the internet. Ten years after that publication, we are delighted to announce that 9 OpenID Connect specifications are now published as ISO/IEC standards. ISO/IEC 26131:2024 — Information technology —
Three OpenID Connect for Identity Assurance Final Specifications Approved
The OpenID Foundation membership has approved the following three OpenID Connect for Identity Assurance specifications as an OpenID Final Specifications: OpenID Identity Assurance Schema Definition 1.0 – https://openid.net/specs/openid-ida-verified-claims-1_0-final.html OpenID Connect for Identity Assurance Claims Registration 1.0 – https://openid.net/specs/openid-connect-4-ida-claims-1_0-final.html OpenID Connect for Identity Assurance 1.0 – https://openid.net/specs/openid-connect-4-identity-assurance-1_0-final.html A Final Specification provides intellectual
Announcing the Death and the Digital Estate Community Group
By Dean H. Saxe I am happy to announce the formation of the Death and the Digital Estate Community Group (DADE CG). DADE CG has been created as a space for the OpenID Foundation and identity community to develop an understanding of how individuals can manage their digital estate in
Accelerating mDL Adoption in the United States
The OpenID Foundation is delighted to announce that it is one of 15 parties to a Collaborative Research and Development Agreement (CRADA) with the National Cybersecurity Council Center of Excellence. This project will accelerate digital identity adoption in the United States. Its first use case supports financial institutions to meet
Public Review Period for Proposed AuthZEN Authorization API 1.0 Implementer’s Draft
This blog was updated Thursday, October 24, 2024 to update the vote announcement and voting period milestones The OpenID AuthZEN Working Group recommends approval of the Authorization API 1.0 specification as an OpenID Implementer’s Draft: Authorization API 1.0 Implementer’s Draft Other formats: XML, MD An Implementer’s Draft is a stable version of a
Proposed Revisions to OpenID Process Document and IPR Policy
Dear OpenID Foundation Members, A subgroup of OpenID Foundation board members and key staff have been working to update the “OpenID Process” document based on issues raised by some board members to ensure the document aligns with how the Foundation currently works. This update addresses those original issues and also
Notice of Vote for Proposed Final OpenID Connect for Identity Assurance Specifications
The official voting period will be between Monday, September 23, 2024 and Monday, September 30, 2024 (12:00pm PT), once the 60 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Monday, September 16, 2024. The eKYC &
OIDF to Co-Host Mobile Drivers License Hackathons
Image sourced from Chat GPT The OpenID Foundation is proud to co-host two Hackathons with the California Department of Motor Vehicles (DMV) in support of their Mobile Drivers License (mDL) pilot. What is the Project? In 2021, the California legislature authorized the DMV to start an mDL pilot, and since
Three Shared Signals Implementer’s Drafts Approved
The OpenID Foundation membership has approved the following three Shared Signals specifications as OpenID Implementer’s Drafts: OpenID Shared Signals Framework Specification 1.0: https://openid.net/specs/openid-sharedsignals-framework-1_0-ID3.html OpenID Continuous Access Evaluation Profile 1.0: https://openid.net/specs/openid-caep-1_0-ID2.html CAEP Interoperability Profile 1.0: https://openid.net/specs/openid-caep-interoperability-profile-1_0-ID1.html An Implementer’s Draft is a stable version of a specification providing intellectual property protections to
GAIN Community Group: An Update
Over the last two years, the GAIN POC Community Group has been working steadily on demonstrating that disparate digital identity implementations can be integrated. We have been through two cycles that largely ended up with the same high-level process: Agree specifics Implement code changes Integrate & demonstrate interoperability The two
Registration Open for OpenID Foundation Hybrid Workshop at Microsoft on Monday, October 28, 2024
Workshop Overview OpenID Foundation Workshops provide technical insight and influence on current digital identity standards while offering a collaborative platform to openly address current trends and market opportunities. This OpenID Foundation Workshop includes a number of presentations focused on 2024 Foundation key initiatives as well as updates from active work
Notice of Vote for Proposed Three Shared Signals Implementer’s Drafts
The official voting period will be between Monday, August 12, 2024 and Monday, August 19, 2024 (12:00pm PT), once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Monday, August 5, 2024.
Public Review Period for Proposed Final OpenID Connect for Identity Assurance Specifications
The OpenID Foundation’s eKYC & IDA Working Group recommends approval of the following specifications as OpenID Final Specifications. OpenID Connect for Identity Assurance 1.0 Other formats: ZIP, XML, MD OpenID Connect for Identity Assurance Claims Registration 1.0 Other formats: ZIP, XML, MD OpenID Identity Assurance schema definition 1.0 Other formats:
Fourth Implementer’s Draft of OpenID Federation Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Federation 1.0 This is the fourth Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This specification is a product
Guidance to the CFPB regarding US Open Banking
Authors: Gail Hodges, Joseph Heenan, Dima Postnikov, Mark Haine, Mike Leszcz, Elizabeth Garber Following our May 16 open letter to the Consumer Financial Protection Bureau, the OpenID Foundation has been engaged in discussions about their rule-making on Personal Financial Data Rights. This post summarizes our guidance to the CFPB. Why
Calling all Implementers: Shared Signals Interop at Gartner IAM Summit
Join us for a Shared Signals Interop Event at Gartner IAM in Grapevine, Texas (December 9-11) Momentum continues to build around the OpenID Shared Signals Framework, CAEP, and RISC standards. Leading companies have announced their support, and implementations are now in production. Building on the success of the first CAEP
All Aboard the CAEP-Ability Hype Train!
Authors: Sean O’Dell (Disney), Atul Tulshibagwale (SGNL) An Identiverse 2024 Panel Recap The attendance for this panel, which featured all co-chairs of the Shared Signals Working Group (SSWG), was near capacity and the engagement from the audience in the Q&A was resounding…because the hype is real with CAEP. The panel
Notice of Vote for Proposed Fourth Implementer’s Draft of OpenID Federation
The official voting period will be between Wednesday, July 17, 2024 and Wednesday, July 24, 2024 (11:59:59PM PT), once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Wednesday, July 10, 2024.
New Shared Signals Drafts
Authors / Shared Signals Co-Chairs: Atul Tulshibagwale, SGNL; Shayne Miel, Cisco; Sean O’Dell, Disney; and Tim Cappalli, Okta The OpenID SSWG has released three new drafts for review by the OpenID Foundation membership. We would like to describe the salient features of these drafts here. At the end of the
OpenID for Verifiable Credentials Wins EIC Award!
The OpenID Foundation is proud to announce that, for the work building the “OpenID for Verifiable Credentials” family of specifications, members of the Digital Credentials Protocol (DCP) Work Group won the “Future Technologies and Standards” award at the European Identity and Cloud Conference. For the last several years, this group
Public Review Period for Three Shared Signals Drafts
The OpenID Shared Signals Working Group recommends approval of the following three specifications as OpenID Implementer’s Drafts: Shared Signals Framework Draft 03 Other formats: TXT, XML, MD CAEP Draft 03 Other formats: TXT, XML, MD CAEP Interoperability Profile Draft 00 Other formats: TXT, XML, MD An Implementer’s Draft is a stable version
Digital Identity at the G20
On June 18, 2024 the OpenID Foundation’s Executive Director, Gail Hodges, spoke about Digital Identity at the G20 during the Digital Government and Inclusion Workshop. The following are her prepared remarks. Bom dia and hello. I’d first like to applaud the Brazilian Government for your impressive work on Digital
Public Review Period for Proposed Fourth Implementer’s Draft of OpenID Federation
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Federation 1.0 This would be the fourth Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note
AuthZEN Work Group Announces Authorization Interop Results
Conformance with the AuthZEN request/response protocol marks a significant milestone in simplifying and standardizing authorization approaches The OpenID Foundation led the standardization of authentication protocols with OpenID Connect and now we are proud to host the AuthZEN Working Group as they seek to do the same for authorization.” —
AI for Identity Standards
The OpenID Foundation recently convened a panel on Artificial Intelligence and Identity Standards. The panelists included: Nancy Cam-Winget, Cisco Kaelig Deloumeau-Prigent, Netlify Mike Kiser, SailPoint Geraint Rogers, Daon Gail Hodges, OpenID Foundation (moderator) This summary draws out general themes and comments are not attributed to individuals or their organizations. Technology
Letter to the CFPB on US Open Banking
The Honorable Rohit ChopraDirectorConsumer Financial Protection Bureau 1700 G St NWWashington, DC 20552 rohit.chopra@cfpb.gov May 16, 2024 Director Chopra, The OpenID Foundation is a non-profit organization whose mission is to lead the global community in creating open standards that are secure, interoperable and privacy-preserving. As part of that mission, we have
OIDF Welcomes Mastercard to the Board
The OpenID Foundation (OIDF) is thrilled to welcome Mastercard to the Board of Directors as a Sustaining Member. Since joining in 2022 as a Corporate Member, Mastercard has been involved in several OIDF Work Groups. The Foundation welcomes Mastercard as a global technology leader in the payments industry. “Mastercard have
Post-Quantum Identity Standards
Image generated by Dall-e At its pre-IIW workshop on Monday, April 14, the OpenID Foundation convened a panel on Post-Quantum Computing and Identity. The panelists included: Andrea D’Intino, Dyne.org Nancy Cam-Winget, Cisco John Bradley, Yubico Rick Byers, Google Gail Hodges, OpenID Foundation (moderator) This summary draws out general themes and
Shared Signals: Enhanced Security for All
Last month, at the Gartner Identity and Access Management Summit in London, industry leaders showcased successful, interoperable implementations of the Shared Signals Framework (SSF) and Continuous Access Evaluation Profile (CAEP). This included Okta, SailPoint, and Cisco as well as security startups SGNL, VeriClouds, and Helisoft. The SSF suite of standards
Implementer’s Draft of OpenID for Verifiable Credential Issuance Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID for Verifiable Credential Issuance 1.0 This is the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This specification
Notice of Vote for Proposed Implementer’s Draft of OpenID for Verifiable Credential Issuance
The official voting period will be between Monday, March 25, 2024 and Monday, April 1, 2024, once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Monday, March 18, 2024. The OpenID
OpenID Foundation Certification Program Recruiting a Java Developer
Published March 8, 2024, revised May 15, 2023. Please note the OpenID Foundation is no longer recruiting a Java developer. The OpenID Foundation is pleased to announce that it is looking to add a Java developer to the successful OpenID certification program team. The OpenID Foundation enables deployments of OpenID
OpenID Summit Tokyo 2024 and Celebrating 10 Years of OpenID Connect
OpenID Foundation Japan (OIDF-J) hosted the OpenID Summit Tokyo 2024 in Shibuya Tokyo on Friday, January 19, 2024 with over 250 in attendance. The OpenID Foundation (OIDF) was thrilled to be a part of the Summit that included contributors from Japan and abroad presenting on current digital identity, security, and
Registration Open for OpenID Foundation Hybrid Workshop at Google on Monday, April 15, 2024
Workshop Overview OpenID Foundation Workshops provide technical insight and influence on current digital identity standards while offering a collaborative platform to openly address current trends and market opportunities. This OpenID Foundation Workshop includes a number of presentations focused on 2024 Foundation strategic initiatives as well as updates on active working
Public Review Period for Proposed Implementer’s Draft of OpenID for Verifiable Credential Issuance
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID for Verifiable Credential Issuance 1.0 This would be the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the
SIDI Hub Announces Roadmap to Drive Cross-Border Interoperability for Digital Identity
The OpenID Foundation is proud to be a founding member of the Sustainable and Interoperable Digital Identity (SIDI) Hub. Interoperability is crucial for a fair and inclusive digital society. By coordinating the digital identity activities already underway, and defining a governance structure for digital identity credentials, the SIDI Hub is
Formal Security Analysis of OpenID for Verifiable Credentials
The first in-depth security analysis of OpenID for Verifiable Credentials has been completed, with the goal of increasing confidence in the security of these specifications. The formal security analysis includes the protocols OpenID for Verifiable Credential Issuance (OID4VCI) and OpenID for Verifiable Presentations (OID4VP), both part of the OpenID for
2024 OpenID Foundation Board of Directors Election Results
I want to personally thank all OpenID Foundation members who voted in the 2024 elections for representatives to the OpenID Foundation board of directors. Please note that the OpenID Foundation board of directors unanimously approved updated Bylaws at a board meeting on November 16, 2023, with full details, including a
OpenID Foundation Comments on CFPB Rule 1033 Regarding Open Banking
Blog authored by Mark Haine. The OpenID Foundation submitted comments to the CFPB on the recent Open Banking rule 1033 on Friday, December 29, 2023. The cover note to the CFPB is provided in full below, and the detailed comments can be viewed here. We are proud to support the
Call for Participation: Demonstrate Interoperability of your CAEP Implementations
Published December 21, 2023, revised January 6, 2024. Note: The deadline for indicating interest in the CAEP Interoperability Event has been extended from January 6, 2024 to January 12, 2024. The OpenID Foundation, in partnership with Gartner, would like to invite you to participate in an interoperability event where different
Second Errata Set for OpenID Connect Specifications Approved
Errata to the following specifications have been approved by a vote of the OpenID Foundation members: OpenID Connect Core 1.0 – Defines the core OpenID Connect functionality: authentication built on top of OAuth 2.0 and the use of Claims to communicate information about the End-User OpenID Connect Discovery 1.0 –
The Importance of OpenID Foundation Shared Signals Framework
Published December, 2023, revised February 14, 2024 to confirm interoperability demonstration at Gartner IAM conference held in London, UK. Blog authored by Apoorva Deshpande, Engineering Leader, Okta. The OpenID Foundation Shared Signals Framework (SSF) is an emerging and promising standard for sharing security signals between trusted parties. It has the
Announcing the 2024 OpenID Foundation Community Representatives Election
This is to announce the 2024 OpenID Foundation Community Representatives election schedule. Those elected will help guide the Foundation’s efforts in facilitating the development and adoption of important open identity standards enabling global interoperability as well as the strategic direction of the Foundation. Please note that the OpenID Foundation board of
Formal Security Analysis of FAPI 2.0 Message Signing, DCR, DCM and FAPI-CIBA Completed
Following the publication of the formal security analysis of the FAPI 2.0 Security Profile in December 2022, a second round of analysis has now been completed, extending it to include FAPI 2.0 Message Signing, Dynamic Client Registration (DCR), Dynamic Client Management (DCM), and FAPI-CIBA. The analysis was co-funded by the
Second Implementer’s Draft of Shared Signals Framework Specification Approved
The OpenID Foundation membership has approved the following Shared Signals specifications as OpenID Implementer’s Drafts: OpenID Shared Signals Framework Specification An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the second Shared Signals Framework Implementer’s Drafts. The Implementer’s
Registration Open for OpenID Foundation Hybrid Workshop in Tokyo, Japan on Thursday, January 18, 2024
Published December 4, 2023, revised January 8, 2024 to include workshop agenda. The OpenID Foundation is pleased to announce a hybrid workshop hosted by KDDI in Tokyo, Japan on Thursday, January 18, 2024. This workshop precedes the 2024 OpenID Foundation – Japan Summit. Please note that registration is required for
OpenID Foundation Updates Bylaws
The OpenID Foundation board of directors unanimously approved updating the Foundation’s Bylaws by a 75% supermajority vote as required by the Bylaws (Section 9.2 Bylaw Amendments) at the November 16, 2023 board meeting. The new Bylaws are effective as of November 16, 2023. From the founding of the OpenID Foundation,
Notice of Vote to Approve Proposed Second Errata Set for OpenID Connect Specifications
The official voting period will be between Wednesday, December 6, 2023 and Wednesday, December 13, 2023, following the 45 day review of the specifications. For the convenience of members who have completed their reviews by then, voting will actually open a week early on Wednesday, November 29, 2023, with the voting
OpenID Foundation Joins CAMARA
Published November 21, 2023, revised November 22, 2023 to include Deutsche Telekom quote. The OpenID Foundation is pleased to announce that it has joined the Linux Foundation’s CAMARA project as an Associate Member. CAMARA is an open source project within Linux Foundation that defines, develops and tests the APIs enabling
Notice of Vote for Proposed Implementer’s Draft of Shared Signals Framework Specification
The voting period will be between Tuesday, November 28, 2023 and Tuesday, December 5, 2023, once the 45-day review of the specifications has been completed. The Shared Signals working group page is https://openid.net/wg/sharedsignals/. If you’re not already a member, or if your membership has expired, please consider joining to participate
What’s New in the Shared Signals Framework?
Authors: Atul Tulshibagwale (SGNL), Apoorva Deshpande (Okta), and Shayne Miel (Cisco Duo). A new draft of the Shared Signals Framework has been released for public review. Here’s how it is different from the previous version. The OpenID Shared Signals Working Group (SSWG) has made important changes to the Shared Signals
2023 OpenID Foundation Kim Cameron Award Recipients Share Their Experiences
In April 2023, the OpenID Foundation announced the 2023 Kim Cameron Award recipients. Today we’re pleased for the award recipients to share their experiences. The goal of the awards is to increase representation from young people’s who’ve demonstrated an interest in subjects consistent with best practices and identity standards that
Review of Second Proposed Errata Set for OpenID Connect Specifications
The OpenID Connect Working Group recommends the approval of Errata corrections to the following specifications: OpenID Connect Core 1.0 – Defines the core OpenID Connect functionality: authentication built on top of OAuth 2.0 and the use of Claims to communicate information about the End-User OpenID Connect Discovery 1.0 – Defines how Relying
Announcing the Authorization Exchange (AuthZEN) Working Group
A new working group has been accepted by the OpenID Foundation (OIDF) Specs Council that will focus on increasing interoperability of authorization systems. The new working group, called Authorization Exchange (AuthZEN), resulted from a series of conversations at the two most recent Identiverse conferences. After this year’s event, it was
OpenID Foundation Announces New Whitepaper Process
The OpenID Foundation is pleased to announce a new Whitepaper Process as approved by the Board of Directors on October 9, 2023. OIDF-led and co-led whitepapers help ecosystem stakeholders understand the wider landscape and the role of OIDF standards within that wider landscape. Such whitepapers make OIDF’s global, technical expertise more accessible to ecosystem stakeholders,
Public Review Period for Shared Signals Framework Specification
The OpenID Shared Signals Working Group recommends approval of the following specification as OpenID Implementer’s Draft: OpenID Shared Signals Framework Specification This would be the second Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification.
A Major Step Towards Interoperable Identity Assurance
By Mark Haine & Drummond Reed A persistent goal of digital identity technology is to enable relying parties to reach the level of identity assurance they need to proceed with any specific interaction. Although there are many descriptions of “identity assurance levels”, such as the three levels defined in the NIST
OpenID Foundation Chairman Nat Sakimura Speaks on OECD “Recommendations on the Governance of Digital Identity” Panel
This blog was updated on September 28, 2023 to include an updated link that includes the session recordings. OECD hosted a launch event on September 26, 2023 on the Recommendation on the Governance of Digital Identity, (note the session recordings at the bottom of the page) as adopted by the
Announcing the “Human-Centric Digital Identity: for Government Officials” Final Whitepaper
Published September 25, 2023, revised October 13, 2023. Version 1.1 of this paper was published October 13, 2023 as we are pleased to confirm MOSIP was added as a co brand partner of the paper. Revision history is available upon request. The OpenID Foundation is pleased to announce that the
Registration Open for OpenID Foundation Hybrid Workshop at Cisco on Monday, October 9, 2023
Workshop Overview OpenID Foundation Workshops provide technical insight and influence on current digital identity standards while offering a collaborative platform to openly address current trends and market opportunities. This OpenID Foundation Workshop includes a number of presentations focused on 2023 Foundation key initiatives as well as updates on active working
Announcing the Digital Credentials Protocols Working Group
Announcing the Digital Credentials Protocols Working Group The OpenID Foundation (OIDF) Specs Council has accepted a proposal to create a new working group as a dedicated home of the OpenID for Verifiable Credentials specs family. The new working group is designated as “Digital Credentials Protocols Working Group” (DCP WG). The
Announcing “GAIN in 2023” Whitepaper
We are delighted to announce the joint publication of “GAIN in 2023” which is a collaboration between six organizations who continue to pursue the vision of interoperable high trust identity networks, as articulated in the “GAIN Digital Trust” paper, published in 2021 by 156 independent identity industry experts and stakeholders.
Second Implementer’s Draft of Grant Management for OAuth 2.0 Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the first Implementer’s Draft of this specification.
Open for Comment “Human-Centric Identity: a primer for government officials”
Government officials, policymakers, technologists, legal scholars, and human rights advocates are invited to offer feedback on a new white paper “Human-Centric Identity: a primer for government officials”. This follows the publication of “Government-issued Digital Credentials and the Privacy Landscape” (Flanagan, 2023), which delved into challenges of creating a globally viable
OpenID Foundation Announces FAPI-RW App2app Certification Launched
Global interoperability, a common cause among many national and industry groups, seems especially urgent these days, especially in matters of security. Interop requires open standards, a “best idea wins” debate among experts and patience, lots of patience. The Financial-Grade API Working Group has a singular focus on developing its security
Notice of Vote for Proposed Second Implementer’s Draft of Grant Management for OAuth 2.0
The official voting period will be between Sunday, July 2, 2023 and Sunday, July 9, 2023, once the 45-day review of the specification has been completed. For the convenience of members, voting will actually open on Sunday, June 25, 2023 for members who have completed their reviews by then, with
Public Review Period for Proposed Second Implementer’s Draft of Grant Management for OAuth 2.0
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 This would be the second Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of
Implementer’s Draft of FAPI 2.0 Message Signing Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Implementer’s Draft: FAPI 2.0 Message Signing An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the first Implementer’s Draft of this specification. The
First FAPI 2.0 Certifications Published
OpenID Foundation is pleased to announce that the first set of FAPI 2.0 self-certifications have been published and can now be viewed on the Certification Listings. We congratulate Authlete, Cloudentity, ConnectID, Ping Identity, and Raidiam for achieving compliance with the current FAPI 2.0 certifications and for being thought leaders on
Announcing the Final Draft “Government-Issued Digital Credentials and the Privacy Landscape”
Published May 4, 2023, revised August 25, 2023. Version 1.1 of this paper was published August 25, 2023 to include a narrow set of corrections submitted by the cobranding organizations, and incorporated at the discretion of the editor. Revision history is available upon request. The OpenID Foundation is pleased announce
Second Implementer’s Draft of OpenID for Verifiable Presentations Specification Approved
Second Implementer’s Draft of OpenID for Verifiable Presentations Specification Approved The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID for Verifiable Presentations An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the
Notice of Vote for Proposed FAPI 2.0 Message Signing Implementer’s Draft
The official voting period will be between Tuesday, May 9, 2023 and Tuesday, May 16, 2023, once the 45-day review of the specification has been completed. For the convenience of members, voting will actually open on Tuesday, May 2, 2023 for members who have completed their reviews by then, with
Announcing the 2023 OpenID Foundation Kim Cameron Award Recipients
The OpenID Foundation is pleased to announce the 2023 Kim Cameron award recipients. The goal of the awards is to increase representation from young people’s who’ve demonstrated an interest in subjects consistent with best practices and identity standards that are secure, interoperable, and privacy preserving. First, many thanks to the
Notice of Vote for Proposed Second Implementer’s Draft of OpenID for Verifiable Presentations Specification
The official voting period will be between Monday, April 24, 2023 and Monday, May 1, 2023, following the 45 day review of the specification. For the convenience of members, voting will actually open on Monday, April 17, 2023 for members who have completed their reviews by then, with the voting
Public Review Period for Proposed FAPI 2.0 Message Signing Implementer’s Draft
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: FAPI 2.0 Message Signing This would be the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the
FAPI 2.0 Conformance Tests and Certifications Now Available
The OpenID Foundation is pleased to announce the availability of certification tests for both FAPI 2.0 Security Profile Implementers Draft 2and the upcoming first Implementer’s Draft of FAPI 2.0 Message Signing. The FAPI Working Group has taken many of the learnings from FAPI 1.0 and also formulated an attacker model,
Public Review Period for Proposed Second Implementer’s Draft of OpenID for Verifiable Presentations Specification
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID for Verifiable Presentations This would be the second Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This
OpenID Foundation Joins the OpenWallet Foundation
OpenID Foundation Workshops provide technical insight and influence on current digital identity standards while offering a collaborative platform to openly address current trends and market opportunities. This OpenID Foundation Workshop includes a number of presentations focused on 2023 Foundation key initiatives as well as updates on active working groups.
2023 OpenID Foundation Kim Cameron Awards Now Open for Submissions
Overview The OpenID Foundation board of directors established the OpenID Foundation Kim Cameron Award Program in May 2022. Our goal is to encourage representation from young people who have an interest in subjects consistent with the OpenID Foundation Mission, in creating identity standards that are secure, interoperable, and privacy preserving.
2023 OpenID Foundation Board of Directors Election Results
I want to personally thank all Foundation members who voted in the 2023 elections for representatives to the OpenID Foundation board of directors. Each year Corporate members of the Foundation elect a member to represent them on the board with all Corporate members in good standing eligible to nominate and
Second Implementer’s Drafts of Two FAPI 2.0 Specifications Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the second FAPI 2.0 Implementer’s
Second Implementer’s Drafts of Two FAPI 2.0 Specifications Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the second FAPI 2.0 Implementer’s
Notice of Vote for Proposed Second Implementer’s Drafts of Two FAPI 2.0 Specifications
Voting will begin on Monday, January 9, 2023 and end on Monday, January 23, 2023, now that the 45-day review of the specifications has been completed. The Financial-grade API (FAPI) working group page is https://openid.net/wg/fapi/. If you’re not already a member, or if your membership has expired, please consider joining
Announcing the 2023 OpenID Foundation Individual Community Board Members Election
This is to announce the OpenID Foundation individual community board members 2023 election schedule. Those elected will help determine the role the Foundation plays in facilitating the develop and adoption of important open identity standards enabling global interoperability as well as the strategic directions of the Foundation. Per the Foundation’s bylaws,
Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect Native SSO for Mobile Apps 1.0 This is the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification.
FAPI 2.0 – Announcing New Drafts and Security Analysis
The OpenID Foundation’s FAPI working group is pleased to announce the public review period has started for new Implementer’s Drafts of the FAPI 2.0 Security Profile and the FAPI 2.0 Attacker Model. These drafts coincide with the recently completed formal security analysis of the FAPI 2.0 specifications, the result of
Initiating User Registration via OpenID Connect is now a Final Specification
The OpenID Foundation membership has approved the following OpenID Connect specification as an OpenID Final Specification: Initiating User Registration via OpenID Connect A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available at: https://openid.net/specs/openid-connect-prompt-create-1_0-final.html The voting
Unmet Authentication Requirements is now a Final Specification
The OpenID Foundation membership has approved the following OpenID Connect specification as an OpenID Final Specification: OpenID Connect Core Error Code unmet_authentication_requirements A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available at: https://openid.net/specs/openid-connect-unmet-authentication-requirements-1_0-final.html The voting
Notice of Vote for Proposed Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps
The official voting period will be between Friday, November 18, 2022 and Friday, November 25, 2022, once the 45 day review of the specification has been completed. For the convenience of members, voting will actually continue until Friday, December 2, 2022. The OpenID Connect Working Group page is https://openid.net/wg/connect/. If
Public Review Period for Two Proposed FAPI 2.0 Second Implementer’s Drafts
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public
JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) is now a Final Specification
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Final Specification: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available
Notice of Vote for Proposed Final Initiating User Registration via OpenID Connect Specification
The official voting period will be between Tuesday, November 22, 2022 and Tuesday, November 29, 2022, once the 60-day review of the specification has been completed. For the convenience of members, voting will actually begin on Tuesday, November 15, 2022 for members who have completed their reviews by then. The
OpenID Foundation Announces Liaison Partnership with the European Telecommunications Standards Institute (ETSI)
The OpenID Foundation is pleased to announce a liaison partnership with the European Telecommunications Standards Institute (ETSI). ETSI provides members with an open and inclusive environment to support the development, ratification and testing of globally applicable standards for ICT systems and services across all sectors of industry and society. ETSI
Notice of Vote for Proposed Final Unmet Authentication Requirements Specification
The official voting period will be between Wednesday, November 9, 2022 and Wednesday, November 16, 2022, once the 60-day review of the specification has been completed. For the convenience of members, voting will actually begin on Wednesday, November 2, 2022 for members who have completed their reviews by then. The
Notice of Vote for Proposed Final JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) Specification
The official voting period will be between Thursday, October 27, 2022 and Thursday, November 3, 2022, once the 60-day review of the specification has been completed. For the convenience of members, voting will actually begin on Thursday, October 20, 2022 for members who have completed their reviews by then. The
Fourth Implementer’s Draft of OpenID Connect for Identity Assurance Specification Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the fourth Implementer’s Draft of this specification. This specification
Public Review Period for Proposed Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect Native SSO for Mobile Apps 1.0 This would be the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers
Public Review Period for Proposed Final Initiating User Registration via OpenID Connect Specification
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification: Initiating User Registration via OpenID Connect A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for
Notice of Vote for Fourth Implementer’s Draft of OpenID Connect for Identity Assurance Specification
The official voting period will be between Tuesday, October 4, 2022 and Tuesday, October 11, 2022, following the 45 day review of the specification. For the convenience of members, voting will actually open on Monday, September 26, 2022 for members who have completed their reviews by then, with the voting
The OpenID Connect Logout specifications are now Final Specifications
The OpenID Foundation membership has approved the following OpenID Connect specifications as OpenID Final Specifications: OpenID Connect Session Management 1.0 OpenID Connect Front-Channel Logout 1.0 OpenID Connect Back-Channel Logout 1.0 OpenID Connect RP-Initiated Logout 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not
Public Review Period for Proposed Final Unmet Authentication Requirements Specification
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification: OpenID Connect Core Error Code unmet_authentication_requirements A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for
Guest Blog: Frederico Schardong Participates in Identiverse 2022 as a Kim Cameron Award Recipient
Despite the fact that I only discovered Kim Cameron’s seminar article on the seven laws of identity many years after it was published, it felt as current as anything new I was reading when I first began studying identity. Going through his thought-provoking blog posts about identity and privacy also
Public Review Period for Proposed Final JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) Specification
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Final Specification: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the
Second Implementer’s Draft of RISC Profile Approved
The OpenID Foundation membership has approved the following Shared Signals and Events (SSE) specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. The Implementer’s Draft is available at: https://openid.net/specs/openid-risc-profile-specification-1_0-ID2.html
OpenID Connect for Identity Assurance – Overview & Call to Action
Introduction At the start of 2020 a new workgroup was formed under the OpenID Foundation that was to continue on from activities that had been ongoing in the AB/Connect Working Group | OpenID for some months. That new working group came to be known as the eKYC & Identity Assurance Working Group. The
Guest Blog: Michal Kepkowski’s Experience as a Kim Cameron Award Recipient at Identiverse 2022
Being one of the first recipients of the Kim Cameron Award is a great honour and distinction. Kim’s contribution to the identity world impacted and inspired many individuals, including me. Reading his blog and studying the laws of identity helped me advance in my professional and academic career. Therefore, for
Fourth Public Review Period for OpenID Connect for Identity Assurance Specification Started
The OpenID eKYC and Identity Assurance Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 This would be the fourth Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to
Notice of Vote for Proposed Final OpenID Connect Logout Specifications
The official voting period will be between Monday, September 5, 2022 and Monday, September 12, 2022, once the 60-day review of the specifications has been completed. For the convenience of members, voting will actually begin on Friday, August 26, 2022 for members who have completed their reviews by then, with
Notice of Vote for Second Proposed RISC Profile Implementer’s Draft
The official voting period will be between Saturday, August 20, 2022 and Saturday, August 27, 2022, once the 45-day review of the specification has been completed. For the convenience of members, voting will actually begin on Friday, August 12, 2022 for members who have completed their reviews by then, with
Guest Blog: Alen Horvat Attends EIC 2022 as Kim Cameron Award Recipient
The Kim Cameron Award program, initiated by the OpenID Foundation in 2022, is an essential step in evolving the global digital identity community. I’m genuinely honoured to be one of the first Award recipients, for my work and contributions are recognised. My digital identity journey began in the decentralised digital
Public Review Period for Proposed Final OpenID Connect Logout Specifications
The OpenID OpenID Connect Working Group recommends approval of the following specifications as OpenID Final Specifications: OpenID Connect Session Management 1.0 OpenID Connect Front-Channel Logout 1.0 OpenID Connect Back-Channel Logout 1.0 OpenID Connect RP-Initiated Logout 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is
Public Review Period for Second Proposed RISC Profile Implementer’s Draft
The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public
Guest Blog: Rachelle Sellung’s Experience as a 2022 Kim Cameron Award Recipient
When I found out that I was chosen to be one of the Kim Cameron Award winners from the OpenID foundation, I was truly humbled. While I did not know Kim Cameron personally, I knew of his work and his incredible impact as a visionary in the Identity space. With
2022 OpenID Foundation Kim Cameron Award Recipients Announced
The OpenID Foundation is pleased to announce the first cohort of awardees for inaugural launch of the Kim Cameron Award Program. We first must thank the many well-qualified applicants who presented compelling interest in user-centric identity. The Foundation anticipates future opportunities for similar awards. The Foundation also thanks our partners;
Announcing the 2022 OpenID Foundation Kim Cameron Award
Overview The OpenID Foundation Board has resolve to begin the OpenID Foundation Kim Cameron Award Program in May 2022. Increasing representation from young people’s who’ve demonstrated an interest in subjects consistent with the OpenID Foundation Mission, to lead the global community in creating identity standards that are secure, interoperable, and
Introducing the Global Assured Identity Network (GAIN) Proof of Concept Community Group
The OpenID Foundation is pleased to announce the launch of the Global Assured Identity Network (GAIN) Proof of Concept Community Group, which aims to test the technical hypotheses underlying the “GAIN Digital Trust” white paper. Back in September 2021, more than 150 co-authors called for the creation of a globally
First Implementer’s Drafts of OpenID Connect SIOPV2 and OIDC4VP Specifications Approved
The OpenID Foundation membership has approved the following specifications as OpenID Implementer’s Drafts: Self-Issued OpenID Provider v2 OpenID Connect for Verifiable Presentations An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the first Implementer’s Drafts of these specifications.
First Implementer’s Draft of Initiating User Registration via OpenID Connect Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: Initiating User Registration via OpenID Connect An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the first Implementer’s Draft of this specification. This specification
2022 OpenID Foundation Board Election Results
Thank you to all members who voted in the 2022 elections for representatives to the OpenID Foundation Board of Directors. As per the Foundation’s bylaws, three individual board members represent the membership and the community at large. Nat Sakimura and John Bradley both have one year remaining on their two-year
Notice of Vote for First Implementer’s Draft of Initiating User Registration via OpenID Connect
The official voting period will be between Tuesday, February 1, 2022 and Tuesday, February 8, 2022, following the 45-day review of the specification. For the convenience of members, voting will actually open on Tuesday, January 25, 2022 for members who have completed their reviews by then, with the voting period
Announcing the 2022 OpenID Foundation Individual Community Board Member Election
The OpenID Foundation plays an important role in the interoperability of Internet identity. This is to announce the OpenID Foundation individual community board member 2022 election schedule. Those elected will help determine the role the Foundation plays in facilitating the development and adoption of open identity standards as well as the
First Public Review Period for OpenID Connect SIOPV2 and OIDC4VP Specifications Started
The OpenID Connect Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: Self-Issued OpenID Provider v2 OpenID Connect for Verifiable Presentations These would be the first Implementer’s Drafts of these specifications. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers
First Public Review Period for Initiating User Registration via OpenID Connect Started
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: Initiating User Registration via OpenID Connect This would be the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the
What are the differences between FAPI 1.0 and FAPI 2.0 and what do they mean to you?
Last updated: February 2023. In one paragraph, FAPI 1.0 Advanced is secure, stable, and complete Final Specification with a certification test suite while FAPI 2.0 is still in development so new features can be incorporated. FAPI 2.0 Security Profile has been through a formal security analysis in the same way
Okta Joins the OpenID Foundation Board to Further Advance Open Identity Standards
The OpenID Foundation is delighted to welcome Okta to the Board, an elevation of their membership status since Okta and Auth0 joined forces in May 2021. “Okta and Auth0 are long-standing contributors and thought leaders in all aspects of the identity industry. We are thrilled for Okta and Auth0 to
The OpenID Foundation Welcomes Visa to the Board of Directors
The OpenID Foundation is pleased to welcome David Henstock, Head of Identity Products at Visa to the board of directors as a sustaining member. Visa joins an accomplished group of identity thought leaders including, Cisco, Google, KDDI, Microsoft, NRI Secure, Okta, Ping Identity, Verizon and Yahoo Ad Tech. The Board
In Praise of Kim Cameron
Much is made of attributes like “opinion leader”, “domain expert”, and “mentor”. Kim Cameron was all that and much more. Our colleague Joerg Resch has eloquently memorialized Kim’s many contributions to our industry as “fundamentally influencing the way we think about and deal with privacy and digital identity”. Not only
Cisco Joins the OpenID Foundation Board, Signaling the Importance of Shared Signals to a Future of Zero Trust
Cisco has joined the OpenID Foundation as a sustaining member, effective November 2021. As Gail Hodges, the Executive Director of the OpenID Foundation said, “Cisco has played a pivotal role in building networked systems that underpin the internet today. We are honored to have Cisco join the Board at this
FDX’s Financial-Grade API Security Specification v3.4 Supports the FAPI 1.0 Advanced and CIBA Standards
The OpenID Foundation is delighted see the Financial Data Exchange’s recent announcement that FDX’s Financial-Grade API Security Specification v3.4 (companion to FDX API v5) supports the FAPI 1.0 Advanced and CIBA standards: “Alignment with Globally Interoperable Standards – The FDX API Security Specification v3.4 now references, supports and recommends utilization of
The OpenID Foundation Welcomes Member’s Comments on Strategic Approach in 2022
Dear Members, The OpenID Foundation warmly welcomes comments from the membership on our strategic approach in 2022. Our standards development work in categories like OpenID Connect is mature while other working groups are just beginning. The adoption of OIDF standards and certification programs are enjoying the global market momentum, and
Third Implementer’s Draft of OpenID Connect Federation Specification Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect Federation 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the third Implementer’s Draft of this specification. This specification is a
Third Implementer’s Draft of OpenID Connect for Identity Assurance Specification Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the third Implementer’s Draft of this specification. This specification
Notice of Vote for Third Implementer’s Draft of OpenID Connect Federation Specification
The official voting period will be between Wednesday, November 3, 2021 and Wednesday, November 10, 2021, following the 45 day review of the specification. For the convenience of members, voting will actually open on Wednesday, October 27, 2021 for members who have completed their reviews by then, with the voting
Notice of Vote for Third Implementer’s Draft of OpenID Connect for Identity Assurance Specification
The official voting period will be between Wednesday, November 3, 2021 and Wednesday, November 10, 2021, following the 45 day review of the specification. For the convenience of members, voting will actually open on Wednesday, October 27, 2021 for members who have completed their reviews by then, with the voting
Opportunity to Join the OpenID Foundation Certification Team
The OpenID Foundation is pleased to announce that it is looking to add a part-time member to the successful OpenID Certification program team. The OpenID Foundation enables deployments of OpenID Connect and the Financial-grade API (FAPI) to be certified to specific conformance profiles to promote interoperability among implementations. Later in 2021, the Foundation will
Announcing the GAIN POC Pre-launch “Listening Tour”
As a follow up to our blog announcement on September 20th heralding our plans to host the Global Assured Identity Network POC, we are delighted to kickoff our GAIN POC pre-launch “listening tour.” The objective of these sessions is to gather input for shaping the Community Group program targeted to launch
Implementer’s Draft of FAPI Grant Management Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. The Implementer’s Draft is available at: https://openid.net/specs/fapi-grant-management-ID1.html The voting
Global Assured Identity Network White Paper
The Global Assured Identity Network White Paper was the centerpiece of the OpenID Foundation’s Chairman Nat Sakimura’s keynote at the European Identity Conference just a few days ago. His presentation can be found at https://nat.sakimura.org/2021/09/14/announcing-gain/. Nat describes GAIN as an overlay network on top of the Internet with all its participants identity proofed.
Third Public Review Period for OpenID Connect Federation Specification Started
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect Federation 1.0 This would be the third Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This
Third Public Review Period for OpenID Connect for Identity Assurance Specification Started
The OpenID eKYC and Identity Assurance Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 This would be the third Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to
OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core is now a Final Specification
The OpenID Foundation membership has approved the following MODRNA specification as an OpenID Final Specification: OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available at: https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0-final.html
Shared Signals: An Open Standard for Webhooks
New OpenID Foundation draft enables secure and privacy protected webhooks to power an “API-First” world Author: Atul Tulshibagwale APIs are an increasingly important aspect of software today, and “API-First” is the mantra being followed in a lot of new software development. A critical aspect of efficient APIs is their
Implementer’s Drafts of Two SSE Specifications Approved
The OpenID Foundation membership has approved the following Shared Signals and Events (SSE) specifications as OpenID Implementer’s Drafts: OpenID Shared Signals and Events Framework Specification OpenID Continuous Access Evaluation Profile An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These
Notice of Vote for Proposed FAPI Grant Management Implementer’s Draft
The official voting period will be between Monday, August 30, 2021 and Monday, September 6, 2021, once the 45-day review of the specification has been completed. For the convenience of members, voting will actually begin on Monday, August 23, 2021 for members who have completed their reviews by then, with
Notice of Vote for Proposed Final OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core Specification
The official voting period will be between Saturday, August 7, 2021 and Saturday, August 14, 2021, once the 60-day review of the specification has been completed. For the convenience of members, voting will actually begin on Saturday, July 31, 2021 for members who have completed their reviews by then, with
Notice of Vote for Proposed Implementer’s Drafts of Two SSE Specifications
The voting period will be between Friday, July 23, 2021 and Friday, August 6, 2021, once the 45-day review of the specifications has been completed. The Shared Signals and Events (SSE) working group page is https://openid.net/wg/sse/. If you’re not already a member, or if your membership has expired, please consider
Implementer’s Drafts of Two FAPI 2.0 Specifications Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Baseline Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the first FAPI 2.0 Implementer’s
Public Review Period for Proposed FAPI Grant Management Implementer’s Draft
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review period
Public Review Period for Proposed RISC Profile Implementer’s Draft
The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review
Open Banking Brazil’s Adoption of Financial-grade API (FAPI) & FAPI Certification
The OpenID Foundation is pleased to announce the availability of Financial-grade API (FAPI) OP and dynamic client registration (DCR) tests for open banking Brazil. Release notes can be found here: https://gitlab.com/openid/conformance-suite/-/tags/release-v4.1.15 Brazil recently published their open banking technology stack including the security and identity standards that the financial services sector must adopt
Notice of Vote for Proposed Implementer’s Drafts of Two FAPI 2.0 Specifications
The official voting period will be between Saturday, July 10, 2021 and Saturday, July 17, 2021, once the 45-day review of the specifications has been completed. For the convenience of members, voting will actually begin on Saturday, July 3, 2021 for members who have completed their reviews by then, with
OpenID Financial-grade API (FAPI) Conformance Tests Released for Final FAPI 1.0 Parts 1 and 2 Specifications
The OpenID Foundation is pleased to announce the release of Financial-grade API (FAPI) OP and RP conformance tests for the Final FAPI 1.0 Part 1 and 2 specifications announced on March 31, 2021. Many organizations and jurisdictions utilized the FAPI Implementer’s Draft 2 as the starting point of their adoption of FAPI in
2021 OpenID Foundation New Corporate Member Representative Election Results
Thank you to all Corporate members who voted in the new 2021 OpenID Foundation Corporate Member Representative election. Each year, Corporate members of the OpenID Foundation elect a member to represent them on the board. Ashish Jain was elected by Corporate members during the 2021 elections that were conducted in
Public Review Period for Proposed Final OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core Specification
The OpenID MODRNA Working Group recommends approval of the following specification as an OpenID Final Specification: OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public
Public Review Period for Two Proposed SSE Implementer’s Drafts
The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: OpenID Shared Signals and Events Framework Specification OpenID Continuous Access Evaluation Profile An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification.
Public Review Period for Proposed Final OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core Specification
The OpenID MODRNA Working Group recommends approval of the following specification as an OpenID Final Specification: OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public
Public Review Period for Two Proposed FAPI 2.0 Implementer’s Drafts
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: FAPI 2.0 Baseline Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public
Welcoming Gail Hodges as Our New Executive Director
The OpenID Foundation is thrilled to welcome Gail Hodges as the new Executive Director of the OpenID Foundation. Those of you who already know Gail know that she’s passionate about enabling digital identity to serve the public good. She has extensive experience both in the digital identity space – for
Guest Blog: Financial-grade API (FAPI), Explained by an Implementer – Updated
NOTE: This article was updated to align to the FAPI 1.0 Final version which was published in March, 2021. CLICK HERE TO VIEW THIS BLOG IN PORTUGUESE Introduction Financial-grade API (FAPI) is a technical specification that Financial-grade API Working Group of OpenID Foundation has developed. It uses OAuth 2.0 and OpenID Connect (OIDC) as its base and defines additional technical requirements
The 7 Laws of Identity Standards
The OpenID Foundation is proud to participate in the first ever ‘Identity Management Day,’ an annual awareness event that will take place on the second Tuesday in April each year. The inaugural Identity Management Day is April 13, 2021. Founded by the Identity Defined Security Alliance (IDSA), the mission of Identity Management Day
OpenID Connect Federation Specification Resulting from a Year of Implementation Experience
The OpenID Foundation held three interop events for implementations of the OpenID Connect Federation specification during 2020. The learnings from each were used to iteratively refine the specification after each round, just as we did when developing OpenID Connect itself. The current specification is the result of the iterative rounds
Guest Blog: SecureAuth’s OpenID Foundation Membership Drives Interoperability and Authentication for Customer Identity Security Across Cloud and Mobile
Today, SecureAuth is an official member of the OpenID Foundation a non-profit international standardization organization committed to enabling, promoting and protecting OpenID technologies. As a distinguished member of the Foundation, SecureAuth also now has a voice in the elections for the governing body. SecureAuth Innovation Labs is dedicated to actively
Picking up Speed on the FAPI Roadmap: From the FAPI RW Implementers Draft 2 to FAPI 1.0 Advanced Final
The FAPI Working Group published a FAPI Frequently Asked Questions (FAQ) as a resource for those new to FAPI and implementing FAPI. This FAQ will evolve over time as the Foundation engages with new members like the Australian Competition & Consumer Commission as well as colleagues in the US, Australia,
Standards Adoption and the Adoption of Standards – Financial-grade API (FAPI) 1.0 Final Specifications Published
I’m pleased to announce that the OpenID Foundation has published the Financial-grade API (FAPI) Parts 1.0 and 2.0 final specifications. This is a true accomplishment for open banking initiatives worldwide. The Foundation couldn’t have reached this important milestone with the FAPI specification without the leadership of the FAPI Working Group
FAPI 1.0 Part 1 and Part 2 are now Final Specifications
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Final Specifications: Financial-grade API 1.0 – Part 1: Baseline Security Profile Financial-grade API 1.0 – Part 2: Advanced Security Profile A Final Specification provides intellectual property protections to implementers of the specification and is not subject
The Identity, Unlocked “eKYC with Mark Haine” Podcast Now Live
The OpenID Foundation is pleased to sponsor the Identity, Unlocked podcast. This week’s episode “eKYC with Mark Haine” features host Vittorio Bertocci and special guest Mark Haine. The episode focuses on the work of the OpenID Foundation’s eKYC & Identity Assurance Working Group. Mark Haine is the Director at considrd.consulting
OpenID Foundation Announces Increases to Membership Dues in 2021
The OpenID Foundation is a non-profit international standardization organization of individuals and companies committed to enabling, promoting, and protecting OpenID technologies. Formed in June 2007, the Foundation serves as a public trust organization representing the open community of developers, vendors, and users. The Foundation assists the community by providing needed
OpenID Connect for Identity Assurance (eKYC & IDA) Enables More than 30 Million Bank Customers to Identify Themselves with Third Parties
More than 1,000 banks in the yes® scheme enable online banking customers to prove their identity to 3rd parties with existing bank-managed KYC data. This data can also be used to seamlessly create qualified electronic signatures conforming to the EU’s eIDAS directive. The banks recently finished the migration of all
OpenID Foundation Certification Program Update, Program Expansion and Fees Increases
The increasing importance of certification to global adoption is being shown by the participation of government and regulator representatives in OpenID Foundation working groups and in our membership. It is also quantified in the uptick in certification services. The OpenID Certification Program continues its success in 2021 with over 500
Resolution Thanking Don Thibeau for his Service
The OpenID Foundation Board of Directors unanimously approved the following resolution, proposed by Mike Jones and seconded by John Bradley, thanking Don Thibeau for his service: Resolved: The OpenID Foundation board thanks Don Thibeau for his exemplary service to the OpenID Foundation and the worldwide identity community during his decade-long
An Update on the Collaboration of Technology Tools and Legal Rules
The US Federal Reserve is participating in a Committee on Payments and Market Infrastructures (CPMI) Cross-border Payments Task Force to identify ways to promote cross-border payments that are faster, less expensive and more transparent and inclusive. With the CPMI’s initiative to improve cross-border payments (and their upcoming conference https://lnkd.in/dBmT9q6), the Institute
2021 OpenID Foundation Board Update
Thank you to all who voted in the 2021 elections for representatives to the OpenID Foundation Board of Directors. As per our bylaws, three individual board members represent the membership and the community at large. As George Fletcher has one year remaining on his 2-year term, I want to thank
Ministry of Economy, Trade and Industry and OpenID Foundation in Liaison Agreement on eKYC & IDA for Legal Entities
The OpenID Foundation (OIDF), the international standards development organization which maintains the OpenID Connect for Identity Assurance (OIDC4IDA) standard, and the Japanese Government’s Ministry of Economy, Trade and Industry (METI) have signed a liaison agreement to work together. Under the agreement, METI will lead policy efforts to implement identity assurance
“Exploring Financial-grade API (FAPI) with Torsten” Podcast is Live
The OpenID Foundation is pleased to sponsor the Identity, Unlocked second season premiere podcast featuring host Vittorio Bertocci and special guest Torsten Lodderstedt, “Exploring Financial-grade API (FAPI) with Torsten”. Torsten is a long time member of and contributor to the OpenID Foundation. Torsten has contributed significantly to the FAPI security
Update on OpenID Foundation Leadership Transition
Dear OpenID Foundation Members: This is to update the OpenID Foundation community on our leadership transition and plans for 2021. We’ve enlisted the support of Women in Identity, IDPro and other groups to insure a broad international search and a diversity of backgrounds for the Foundation’s next Executive Director. Our
First Implementer’s Drafts of Three FastFed Specifications Approved
The OpenID Foundation membership has approved the following Fast Federation (FastFed) specifications as OpenID Implementer’s Drafts: FastFed Core 1.0 FastFed Basic SAML Profile 1.0 FastFed Basic SCIM Profile 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are
Second Implementer’s Draft of OpenID Connect User Questioning API Specification Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect User Questioning API 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the second Implementer’s Draft of this specification. This specification
Announcing the 2021 OpenID Foundation Individual Community Board Members Election
The OpenID Foundation plays an important role in the interoperability of Internet identity. This is to announce the OpenID Foundation individual community board members 2021 election schedule. Those elected will help determine the role the Foundation plays in facilitating the creation and adoption of open identity standards. Per the Foundation’s