Latest News
Current news about the OpenID Foundation and the community at large. Please visit the News Archive to view news older than two years.
OpenID Foundation Chairman Nat Sakimura Speaks on OECD “Recommendations on the Governance of Digital Identity” Panel
This blog was updated on September 28, 2023 to include an updated link that includes the session recordings. OECD hosted a launch event on September 26, 2023 on the Recommendation on the Governance of Digital Identity, (note the session recordings at the bottom of the page) as adopted by the
Announcing the “Human-Centric Digital Identity: for Government Officials” Final Whitepaper
The OpenID Foundation is pleased to announce that the “Human-Centric Digital Identity: for Government Officials” whitepaper is now available, with this final version co-branded by twelve non-profit organisations. This paper offers a broad view of the global digital identity landscape, key considerations for government officials, and the path ahead to
Registration Open for OpenID Foundation Hybrid Workshop at Cisco on Monday, October 9, 2023
Registration is now open and required for all participants. Please register by October 2, 2023 at 12pm PT. Workshop Overview OpenID Foundation Workshops provide technical insight and influence on current digital identity standards while offering a collaborative platform to openly address current trends and market opportunities. This OpenID Foundation Workshop
Announcing the Digital Credentials Protocols Working Group
Announcing the Digital Credentials Protocols Working Group The OpenID Foundation (OIDF) Specs Council has accepted a proposal to create a new working group as a dedicated home of the OpenID for Verifiable Credentials specs family. The new working group is designated as “Digital Credentials Protocols Working Group” (DCP WG). The
Announcing “GAIN in 2023” Whitepaper
We are delighted to announce the joint publication of “GAIN in 2023” which is a collaboration between six organizations who continue to pursue the vision of interoperable high trust identity networks, as articulated in the “GAIN Digital Trust” paper, published in 2021 by 156 independent identity industry experts and stakeholders.
Second Implementer’s Draft of Grant Management for OAuth 2.0 Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the first Implementer’s Draft of this specification.
Open for Comment “Human-Centric Identity: a primer for government officials”
Government officials, policymakers, technologists, legal scholars, and human rights advocates are invited to offer feedback on a new white paper “Human-Centric Identity: a primer for government officials”. This follows the publication of “Government-issued Digital Credentials and the Privacy Landscape” (Flanagan, 2023), which delved into challenges of creating a globally viable
OpenID Foundation Announces FAPI-RW App2app Certification Launched
Global interoperability, a common cause among many national and industry groups, seems especially urgent these days, especially in matters of security. Interop requires open standards, a “best idea wins” debate among experts and patience, lots of patience. The Financial-Grade API Working Group has a singular focus on developing its security
Notice of Vote for Proposed Second Implementer’s Draft of Grant Management for OAuth 2.0
The official voting period will be between Sunday, July 2, 2023 and Sunday, July 9, 2023, once the 45-day review of the specification has been completed. For the convenience of members, voting will actually open on Sunday, June 25, 2023 for members who have completed their reviews by then, with
Public Review Period for Proposed Second Implementer’s Draft of Grant Management for OAuth 2.0
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 This would be the second Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of
Implementer’s Draft of FAPI 2.0 Message Signing Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Implementer’s Draft: FAPI 2.0 Message Signing An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the first Implementer’s Draft of this specification. The
First FAPI 2.0 Certifications Published
OpenID Foundation is pleased to announce that the first set of FAPI 2.0 self-certifications have been published and can now be viewed on the Certification Listings. We congratulate Authlete, Cloudentity, ConnectID, Ping Identity, and Raidiam for achieving compliance with the current FAPI 2.0 certifications and for being thought leaders on
Announcing the Final Draft “Government-Issued Digital Credentials and the Privacy Landscape”
Published May 4, 2023, revised August 25th 2023. Version 1.1 of this paper was published August 25, 2023 to include a narrow set of corrections submitted by the cobranding organizations, and incorporated at the discretion of the editor. Revision history is available upon request. The OpenID Foundation is pleased announce
Second Implementer’s Draft of OpenID for Verifiable Presentations Specification Approved
Second Implementer’s Draft of OpenID for Verifiable Presentations Specification Approved The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID for Verifiable Presentations An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the
Notice of Vote for Proposed FAPI 2.0 Message Signing Implementer’s Draft
The official voting period will be between Tuesday, May 9, 2023 and Tuesday, May 16, 2023, once the 45-day review of the specification has been completed. For the convenience of members, voting will actually open on Tuesday, May 2, 2023 for members who have completed their reviews by then, with
Announcing the 2023 OpenID Foundation Kim Cameron Award Recipients
The OpenID Foundation is pleased to announce the 2023 Kim Cameron award recipients. The goal of the awards is to increase representation from young people’s who’ve demonstrated an interest in subjects consistent with best practices and identity standards that are secure, interoperable, and privacy preserving. First, many thanks to the
Notice of Vote for Proposed Second Implementer’s Draft of OpenID for Verifiable Presentations Specification
The official voting period will be between Monday, April 24, 2023 and Monday, May 1, 2023, following the 45 day review of the specification. For the convenience of members, voting will actually open on Monday, April 17, 2023 for members who have completed their reviews by then, with the voting
Public Review Period for Proposed FAPI 2.0 Message Signing Implementer’s Draft
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: FAPI 2.0 Message Signing This would be the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the
FAPI 2.0 Conformance Tests and Certifications Now Available
The OpenID Foundation is pleased to announce the availability of certification tests for both FAPI 2.0 Security Profile Implementers Draft 2and the upcoming first Implementer’s Draft of FAPI 2.0 Message Signing. The FAPI Working Group has taken many of the learnings from FAPI 1.0 and also formulated an attacker model,
Public Review Period for Proposed Second Implementer’s Draft of OpenID for Verifiable Presentations Specification
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID for Verifiable Presentations This would be the second Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This
OpenID Foundation Joins the OpenWallet Foundation
OpenID Foundation Workshops provide technical insight and influence on current digital identity standards while offering a collaborative platform to openly address current trends and market opportunities. This OpenID Foundation Workshop includes a number of presentations focused on 2023 Foundation key initiatives as well as updates on active working groups.
2023 OpenID Foundation Kim Cameron Awards Now Open for Submissions
Overview The OpenID Foundation board of directors established the OpenID Foundation Kim Cameron Award Program in May 2022. Our goal is to encourage representation from young people who have an interest in subjects consistent with the OpenID Foundation Mission, in creating identity standards that are secure, interoperable, and privacy preserving.
2023 OpenID Foundation Board of Directors Election Results
I want to personally thank all Foundation members who voted in the 2023 elections for representatives to the OpenID Foundation board of directors. Each year Corporate members of the Foundation elect a member to represent them on the board with all Corporate members in good standing eligible to nominate and
Second Implementer’s Drafts of Two FAPI 2.0 Specifications Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the second FAPI 2.0 Implementer’s
Second Implementer’s Drafts of Two FAPI 2.0 Specifications Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the second FAPI 2.0 Implementer’s
Notice of Vote for Proposed Second Implementer’s Drafts of Two FAPI 2.0 Specifications
Voting will begin on Monday, January 9, 2023 and end on Monday, January 23, 2023, now that the 45-day review of the specifications has been completed. The Financial-grade API (FAPI) working group page is https://openid.net/wg/fapi/. If you’re not already a member, or if your membership has expired, please consider joining
Announcing the 2023 OpenID Foundation Individual Community Board Members Election
This is to announce the OpenID Foundation individual community board members 2023 election schedule. Those elected will help determine the role the Foundation plays in facilitating the develop and adoption of important open identity standards enabling global interoperability as well as the strategic directions of the Foundation. Per the Foundation’s bylaws,
Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect Native SSO for Mobile Apps 1.0 This is the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification.
FAPI 2.0 – Announcing New Drafts and Security Analysis
The OpenID Foundation’s FAPI working group is pleased to announce the public review period has started for new Implementer’s Drafts of the FAPI 2.0 Security Profile and the FAPI 2.0 Attacker Model. These drafts coincide with the recently completed formal security analysis of the FAPI 2.0 specifications, the result of
Initiating User Registration via OpenID Connect is now a Final Specification
The OpenID Foundation membership has approved the following OpenID Connect specification as an OpenID Final Specification: Initiating User Registration via OpenID Connect A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available at: https://openid.net/specs/openid-connect-prompt-create-1_0-final.html The voting
Unmet Authentication Requirements is now a Final Specification
The OpenID Foundation membership has approved the following OpenID Connect specification as an OpenID Final Specification: OpenID Connect Core Error Code unmet_authentication_requirements A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available at: https://openid.net/specs/openid-connect-unmet-authentication-requirements-1_0-final.html The voting
Notice of Vote for Proposed Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps
The official voting period will be between Friday, November 18, 2022 and Friday, November 25, 2022, once the 45 day review of the specification has been completed. For the convenience of members, voting will actually continue until Friday, December 2, 2022. The OpenID Connect Working Group page is https://openid.net/wg/connect/. If
Public Review Period for Two Proposed FAPI 2.0 Second Implementer’s Drafts
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public
JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) is now a Final Specification
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Final Specification: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available
Notice of Vote for Proposed Final Initiating User Registration via OpenID Connect Specification
The official voting period will be between Tuesday, November 22, 2022 and Tuesday, November 29, 2022, once the 60-day review of the specification has been completed. For the convenience of members, voting will actually begin on Tuesday, November 15, 2022 for members who have completed their reviews by then. The
OpenID Foundation Announces Liaison Partnership with the European Telecommunications Standards Institute (ETSI)
The OpenID Foundation is pleased to announce a liaison partnership with the European Telecommunications Standards Institute (ETSI). ETSI provides members with an open and inclusive environment to support the development, ratification and testing of globally applicable standards for ICT systems and services across all sectors of industry and society. ETSI
Notice of Vote for Proposed Final Unmet Authentication Requirements Specification
The official voting period will be between Wednesday, November 9, 2022 and Wednesday, November 16, 2022, once the 60-day review of the specification has been completed. For the convenience of members, voting will actually begin on Wednesday, November 2, 2022 for members who have completed their reviews by then. The
Notice of Vote for Proposed Final JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) Specification
The official voting period will be between Thursday, October 27, 2022 and Thursday, November 3, 2022, once the 60-day review of the specification has been completed. For the convenience of members, voting will actually begin on Thursday, October 20, 2022 for members who have completed their reviews by then. The
Fourth Implementer’s Draft of OpenID Connect for Identity Assurance Specification Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the fourth Implementer’s Draft of this specification. This specification
Public Review Period for Proposed Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect Native SSO for Mobile Apps 1.0 This would be the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers
Public Review Period for Proposed Final Initiating User Registration via OpenID Connect Specification
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification: Initiating User Registration via OpenID Connect A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for
Notice of Vote for Fourth Implementer’s Draft of OpenID Connect for Identity Assurance Specification
The official voting period will be between Tuesday, October 4, 2022 and Tuesday, October 11, 2022, following the 45 day review of the specification. For the convenience of members, voting will actually open on Monday, September 26, 2022 for members who have completed their reviews by then, with the voting
The OpenID Connect Logout specifications are now Final Specifications
The OpenID Foundation membership has approved the following OpenID Connect specifications as OpenID Final Specifications: OpenID Connect Session Management 1.0 OpenID Connect Front-Channel Logout 1.0 OpenID Connect Back-Channel Logout 1.0 OpenID Connect RP-Initiated Logout 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not
Public Review Period for Proposed Final Unmet Authentication Requirements Specification
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification: OpenID Connect Core Error Code unmet_authentication_requirements A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for
Guest Blog: Frederico Schardong Participates in Identiverse 2022 as a Kim Cameron Award Recipient
Despite the fact that I only discovered Kim Cameron’s seminar article on the seven laws of identity many years after it was published, it felt as current as anything new I was reading when I first began studying identity. Going through his thought-provoking blog posts about identity and privacy also
Public Review Period for Proposed Final JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) Specification
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Final Specification: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the
Second Implementer’s Draft of RISC Profile Approved
The OpenID Foundation membership has approved the following Shared Signals and Events (SSE) specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. The Implementer’s Draft is available at: https://openid.net/specs/openid-risc-profile-specification-1_0-ID2.html
OpenID Connect for Identity Assurance – Overview & Call to Action
Introduction At the start of 2020 a new workgroup was formed under the OpenID Foundation that was to continue on from activities that had been ongoing in the AB/Connect Working Group | OpenID for some months. That new working group came to be known as the eKYC & Identity Assurance Working Group. The
Guest Blog: Michal Kepkowski’s Experience as a Kim Cameron Award Recipient at Identiverse 2022
Being one of the first recipients of the Kim Cameron Award is a great honour and distinction. Kim’s contribution to the identity world impacted and inspired many individuals, including me. Reading his blog and studying the laws of identity helped me advance in my professional and academic career. Therefore, for
Fourth Public Review Period for OpenID Connect for Identity Assurance Specification Started
The OpenID eKYC and Identity Assurance Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 This would be the fourth Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to
Notice of Vote for Proposed Final OpenID Connect Logout Specifications
The official voting period will be between Monday, September 5, 2022 and Monday, September 12, 2022, once the 60-day review of the specifications has been completed. For the convenience of members, voting will actually begin on Friday, August 26, 2022 for members who have completed their reviews by then, with
Notice of Vote for Second Proposed RISC Profile Implementer’s Draft
The official voting period will be between Saturday, August 20, 2022 and Saturday, August 27, 2022, once the 45-day review of the specification has been completed. For the convenience of members, voting will actually begin on Friday, August 12, 2022 for members who have completed their reviews by then, with
Guest Blog: Alen Horvat Attends EIC 2022 as Kim Cameron Award Recipient
The Kim Cameron Award program, initiated by the OpenID Foundation in 2022, is an essential step in evolving the global digital identity community. I’m genuinely honoured to be one of the first Award recipients, for my work and contributions are recognised. My digital identity journey began in the decentralised digital
Public Review Period for Proposed Final OpenID Connect Logout Specifications
The OpenID OpenID Connect Working Group recommends approval of the following specifications as OpenID Final Specifications: OpenID Connect Session Management 1.0 OpenID Connect Front-Channel Logout 1.0 OpenID Connect Back-Channel Logout 1.0 OpenID Connect RP-Initiated Logout 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is
Public Review Period for Second Proposed RISC Profile Implementer’s Draft
The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public
Guest Blog: Rachelle Sellung’s Experience as a 2022 Kim Cameron Award Recipient
When I found out that I was chosen to be one of the Kim Cameron Award winners from the OpenID foundation, I was truly humbled. While I did not know Kim Cameron personally, I knew of his work and his incredible impact as a visionary in the Identity space. With
2022 OpenID Foundation Kim Cameron Award Recipients Announced
The OpenID Foundation is pleased to announce the first cohort of awardees for inaugural launch of the Kim Cameron Award Program. We first must thank the many well-qualified applicants who presented compelling interest in user-centric identity. The Foundation anticipates future opportunities for similar awards. The Foundation also thanks our partners;
Announcing the 2022 OpenID Foundation Kim Cameron Award
Overview The OpenID Foundation Board has resolve to begin the OpenID Foundation Kim Cameron Award Program in May 2022. Increasing representation from young people’s who’ve demonstrated an interest in subjects consistent with the OpenID Foundation Mission, to lead the global community in creating identity standards that are secure, interoperable, and
Introducing the Global Assured Identity Network (GAIN) Proof of Concept Community Group
The OpenID Foundation is pleased to announce the launch of the Global Assured Identity Network (GAIN) Proof of Concept Community Group, which aims to test the technical hypotheses underlying the “GAIN Digital Trust” white paper. Back in September 2021, more than 150 co-authors called for the creation of a globally
First Implementer’s Drafts of OpenID Connect SIOPV2 and OIDC4VP Specifications Approved
The OpenID Foundation membership has approved the following specifications as OpenID Implementer’s Drafts: Self-Issued OpenID Provider v2 OpenID Connect for Verifiable Presentations An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the first Implementer’s Drafts of these specifications.
First Implementer’s Draft of Initiating User Registration via OpenID Connect Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: Initiating User Registration via OpenID Connect An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the first Implementer’s Draft of this specification. This specification
2022 OpenID Foundation Board Election Results
Thank you to all members who voted in the 2022 elections for representatives to the OpenID Foundation Board of Directors. As per the Foundation’s bylaws, three individual board members represent the membership and the community at large. Nat Sakimura and John Bradley both have one year remaining on their two-year
Notice of Vote for First Implementer’s Draft of Initiating User Registration via OpenID Connect
The official voting period will be between Tuesday, February 1, 2022 and Tuesday, February 8, 2022, following the 45-day review of the specification. For the convenience of members, voting will actually open on Tuesday, January 25, 2022 for members who have completed their reviews by then, with the voting period
Announcing the 2022 OpenID Foundation Individual Community Board Member Election
The OpenID Foundation plays an important role in the interoperability of Internet identity. This is to announce the OpenID Foundation individual community board member 2022 election schedule. Those elected will help determine the role the Foundation plays in facilitating the development and adoption of open identity standards as well as the
First Public Review Period for OpenID Connect SIOPV2 and OIDC4VP Specifications Started
The OpenID Connect Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: Self-Issued OpenID Provider v2 OpenID Connect for Verifiable Presentations These would be the first Implementer’s Drafts of these specifications. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers
First Public Review Period for Initiating User Registration via OpenID Connect Started
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: Initiating User Registration via OpenID Connect This would be the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the
What are the differences between FAPI 1.0 and FAPI 2.0 and what do they mean to you?
Last updated: February 2023. In one paragraph, FAPI 1.0 Advanced is secure, stable, and complete Final Specification with a certification test suite while FAPI 2.0 is still in development so new features can be incorporated. FAPI 2.0 Security Profile has been through a formal security analysis in the same way
Okta Joins the OpenID Foundation Board to Further Advance Open Identity Standards
The OpenID Foundation is delighted to welcome Okta to the Board, an elevation of their membership status since Okta and Auth0 joined forces in May 2021. “Okta and Auth0 are long-standing contributors and thought leaders in all aspects of the identity industry. We are thrilled for Okta and Auth0 to
The OpenID Foundation Welcomes Visa to the Board of Directors
The OpenID Foundation is pleased to welcome David Henstock, Head of Identity Products at Visa to the board of directors as a sustaining member. Visa joins an accomplished group of identity thought leaders including, Cisco, Google, KDDI, Microsoft, NRI Secure, Okta, Ping Identity, Verizon and Yahoo Ad Tech. The Board
In Praise of Kim Cameron
Much is made of attributes like “opinion leader”, “domain expert”, and “mentor”. Kim Cameron was all that and much more. Our colleague Joerg Resch has eloquently memorialized Kim’s many contributions to our industry as “fundamentally influencing the way we think about and deal with privacy and digital identity”. Not only
Cisco Joins the OpenID Foundation Board, Signaling the Importance of Shared Signals to a Future of Zero Trust
Cisco has joined the OpenID Foundation as a sustaining member, effective November 2021. As Gail Hodges, the Executive Director of the OpenID Foundation said, “Cisco has played a pivotal role in building networked systems that underpin the internet today. We are honored to have Cisco join the Board at this
FDX’s Financial-Grade API Security Specification v3.4 Supports the FAPI 1.0 Advanced and CIBA Standards
The OpenID Foundation is delighted see the Financial Data Exchange’s recent announcement that FDX’s Financial-Grade API Security Specification v3.4 (companion to FDX API v5) supports the FAPI 1.0 Advanced and CIBA standards: “Alignment with Globally Interoperable Standards – The FDX API Security Specification v3.4 now references, supports and recommends utilization of
The OpenID Foundation Welcomes Member’s Comments on Strategic Approach in 2022
Dear Members, The OpenID Foundation warmly welcomes comments from the membership on our strategic approach in 2022. Our standards development work in categories like OpenID Connect is mature while other working groups are just beginning. The adoption of OIDF standards and certification programs are enjoying the global market momentum, and
Third Implementer’s Draft of OpenID Connect Federation Specification Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect Federation 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the third Implementer’s Draft of this specification. This specification is a
Third Implementer’s Draft of OpenID Connect for Identity Assurance Specification Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the third Implementer’s Draft of this specification. This specification
Notice of Vote for Third Implementer’s Draft of OpenID Connect Federation Specification
The official voting period will be between Wednesday, November 3, 2021 and Wednesday, November 10, 2021, following the 45 day review of the specification. For the convenience of members, voting will actually open on Wednesday, October 27, 2021 for members who have completed their reviews by then, with the voting
Notice of Vote for Third Implementer’s Draft of OpenID Connect for Identity Assurance Specification
The official voting period will be between Wednesday, November 3, 2021 and Wednesday, November 10, 2021, following the 45 day review of the specification. For the convenience of members, voting will actually open on Wednesday, October 27, 2021 for members who have completed their reviews by then, with the voting
Opportunity to Join the OpenID Foundation Certification Team
The OpenID Foundation is pleased to announce that it is looking to add a part-time member to the successful OpenID Certification program team. The OpenID Foundation enables deployments of OpenID Connect and the Financial-grade API (FAPI) to be certified to specific conformance profiles to promote interoperability among implementations. Later in 2021, the Foundation will
Announcing the GAIN POC Pre-launch “Listening Tour”
As a follow up to our blog announcement on September 20th heralding our plans to host the Global Assured Identity Network POC, we are delighted to kickoff our GAIN POC pre-launch “listening tour.” The objective of these sessions is to gather input for shaping the Community Group program targeted to launch
Implementer’s Draft of FAPI Grant Management Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. The Implementer’s Draft is available at: https://openid.net/specs/fapi-grant-management-ID1.html The voting
Global Assured Identity Network White Paper
The Global Assured Identity Network White Paper was the centerpiece of the OpenID Foundation’s Chairman Nat Sakimura’s keynote at the European Identity Conference just a few days ago. His presentation can be found at https://nat.sakimura.org/2021/09/14/announcing-gain/. Nat describes GAIN as an overlay network on top of the Internet with all its participants identity proofed.
Third Public Review Period for OpenID Connect Federation Specification Started
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect Federation 1.0 This would be the third Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This
Third Public Review Period for OpenID Connect for Identity Assurance Specification Started
The OpenID eKYC and Identity Assurance Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 This would be the third Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to
OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core is now a Final Specification
The OpenID Foundation membership has approved the following MODRNA specification as an OpenID Final Specification: OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available at: https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0-final.html
Shared Signals: An Open Standard for Webhooks
New OpenID Foundation draft enables secure and privacy protected webhooks to power an “API-First” world Author: Atul Tulshibagwale APIs are an increasingly important aspect of software today, and “API-First” is the mantra being followed in a lot of new software development. A critical aspect of efficient APIs is their
Implementer’s Drafts of Two SSE Specifications Approved
The OpenID Foundation membership has approved the following Shared Signals and Events (SSE) specifications as OpenID Implementer’s Drafts: OpenID Shared Signals and Events Framework Specification OpenID Continuous Access Evaluation Profile An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These
Notice of Vote for Proposed FAPI Grant Management Implementer’s Draft
The official voting period will be between Monday, August 30, 2021 and Monday, September 6, 2021, once the 45-day review of the specification has been completed. For the convenience of members, voting will actually begin on Monday, August 23, 2021 for members who have completed their reviews by then, with
Notice of Vote for Proposed Final OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core Specification
The official voting period will be between Saturday, August 7, 2021 and Saturday, August 14, 2021, once the 60-day review of the specification has been completed. For the convenience of members, voting will actually begin on Saturday, July 31, 2021 for members who have completed their reviews by then, with
Notice of Vote for Proposed Implementer’s Drafts of Two SSE Specifications
The voting period will be between Friday, July 23, 2021 and Friday, August 6, 2021, once the 45-day review of the specifications has been completed. The Shared Signals and Events (SSE) working group page is https://openid.net/wg/sse/. If you’re not already a member, or if your membership has expired, please consider
Implementer’s Drafts of Two FAPI 2.0 Specifications Approved
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Baseline Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the first FAPI 2.0 Implementer’s
Public Review Period for Proposed FAPI Grant Management Implementer’s Draft
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review period
Public Review Period for Proposed RISC Profile Implementer’s Draft
The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review
Open Banking Brazil’s Adoption of Financial-grade API (FAPI) & FAPI Certification
The OpenID Foundation is pleased to announce the availability of Financial-grade API (FAPI) OP and dynamic client registration (DCR) tests for open banking Brazil. Release notes can be found here: https://gitlab.com/openid/conformance-suite/-/tags/release-v4.1.15 Brazil recently published their open banking technology stack including the security and identity standards that the financial services sector must adopt
Notice of Vote for Proposed Implementer’s Drafts of Two FAPI 2.0 Specifications
The official voting period will be between Saturday, July 10, 2021 and Saturday, July 17, 2021, once the 45-day review of the specifications has been completed. For the convenience of members, voting will actually begin on Saturday, July 3, 2021 for members who have completed their reviews by then, with
OpenID Financial-grade API (FAPI) Conformance Tests Released for Final FAPI 1.0 Parts 1 and 2 Specifications
The OpenID Foundation is pleased to announce the release of Financial-grade API (FAPI) OP and RP conformance tests for the Final FAPI 1.0 Part 1 and 2 specifications announced on March 31, 2021. Many organizations and jurisdictions utilized the FAPI Implementer’s Draft 2 as the starting point of their adoption of FAPI in
2021 OpenID Foundation New Corporate Member Representative Election Results
Thank you to all Corporate members who voted in the new 2021 OpenID Foundation Corporate Member Representative election. Each year, Corporate members of the OpenID Foundation elect a member to represent them on the board. Ashish Jain was elected by Corporate members during the 2021 elections that were conducted in
Public Review Period for Proposed Final OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core Specification
The OpenID MODRNA Working Group recommends approval of the following specification as an OpenID Final Specification: OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public
Public Review Period for Two Proposed SSE Implementer’s Drafts
The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: OpenID Shared Signals and Events Framework Specification OpenID Continuous Access Evaluation Profile An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification.
Public Review Period for Proposed Final OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core Specification
The OpenID MODRNA Working Group recommends approval of the following specification as an OpenID Final Specification: OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public
Public Review Period for Two Proposed FAPI 2.0 Implementer’s Drafts
The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: FAPI 2.0 Baseline Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public
Welcoming Gail Hodges as Our New Executive Director
The OpenID Foundation is thrilled to welcome Gail Hodges as the new Executive Director of the OpenID Foundation. Those of you who already know Gail know that she’s passionate about enabling digital identity to serve the public good. She has extensive experience both in the digital identity space – for
Guest Blog: Financial-grade API (FAPI), Explained by an Implementer – Updated
NOTE: This article was updated to align to the FAPI 1.0 Final version which was published in March, 2021. CLICK HERE TO VIEW THIS BLOG IN PORTUGUESE Introduction Financial-grade API (FAPI) is a technical specification that Financial-grade API Working Group of OpenID Foundation has developed. It uses OAuth 2.0 and OpenID Connect (OIDC) as its base and defines additional technical requirements
The 7 Laws of Identity Standards
The OpenID Foundation is proud to participate in the first ever ‘Identity Management Day,’ an annual awareness event that will take place on the second Tuesday in April each year. The inaugural Identity Management Day is April 13, 2021. Founded by the Identity Defined Security Alliance (IDSA), the mission of Identity Management Day
OpenID Connect Federation Specification Resulting from a Year of Implementation Experience
The OpenID Foundation held three interop events for implementations of the OpenID Connect Federation specification during 2020. The learnings from each were used to iteratively refine the specification after each round, just as we did when developing OpenID Connect itself. The current specification is the result of the iterative rounds
Guest Blog: SecureAuth’s OpenID Foundation Membership Drives Interoperability and Authentication for Customer Identity Security Across Cloud and Mobile
Today, SecureAuth is an official member of the OpenID Foundation a non-profit international standardization organization committed to enabling, promoting and protecting OpenID technologies. As a distinguished member of the Foundation, SecureAuth also now has a voice in the elections for the governing body. SecureAuth Innovation Labs is dedicated to actively
Picking up Speed on the FAPI Roadmap: From the FAPI RW Implementers Draft 2 to FAPI 1.0 Advanced Final
The FAPI Working Group published a FAPI Frequently Asked Questions (FAQ) as a resource for those new to FAPI and implementing FAPI. This FAQ will evolve over time as the Foundation engages with new members like the Australian Competition & Consumer Commission as well as colleagues in the US, Australia,
Standards Adoption and the Adoption of Standards – Financial-grade API (FAPI) 1.0 Final Specifications Published
I’m pleased to announce that the OpenID Foundation has published the Financial-grade API (FAPI) Parts 1.0 and 2.0 final specifications. This is a true accomplishment for open banking initiatives worldwide. The Foundation couldn’t have reached this important milestone with the FAPI specification without the leadership of the FAPI Working Group
FAPI 1.0 Part 1 and Part 2 are now Final Specifications
The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Final Specifications: Financial-grade API 1.0 – Part 1: Baseline Security Profile Financial-grade API 1.0 – Part 2: Advanced Security Profile A Final Specification provides intellectual property protections to implementers of the specification and is not subject
The Identity, Unlocked “eKYC with Mark Haine” Podcast Now Live
The OpenID Foundation is pleased to sponsor the Identity, Unlocked podcast. This week’s episode “eKYC with Mark Haine” features host Vittorio Bertocci and special guest Mark Haine. The episode focuses on the work of the OpenID Foundation’s eKYC & Identity Assurance Working Group. Mark Haine is the Director at considrd.consulting
OpenID Foundation Announces Increases to Membership Dues in 2021
The OpenID Foundation is a non-profit international standardization organization of individuals and companies committed to enabling, promoting, and protecting OpenID technologies. Formed in June 2007, the Foundation serves as a public trust organization representing the open community of developers, vendors, and users. The Foundation assists the community by providing needed
OpenID Connect for Identity Assurance (eKYC & IDA) Enables More than 30 Million Bank Customers to Identify Themselves with Third Parties
More than 1,000 banks in the yes® scheme enable online banking customers to prove their identity to 3rd parties with existing bank-managed KYC data. This data can also be used to seamlessly create qualified electronic signatures conforming to the EU’s eIDAS directive. The banks recently finished the migration of all
OpenID Foundation Certification Program Update, Program Expansion and Fees Increases
The increasing importance of certification to global adoption is being shown by the participation of government and regulator representatives in OpenID Foundation working groups and in our membership. It is also quantified in the uptick in certification services. The OpenID Certification Program continues its success in 2021 with over 500
Resolution Thanking Don Thibeau for his Service
The OpenID Foundation Board of Directors unanimously approved the following resolution, proposed by Mike Jones and seconded by John Bradley, thanking Don Thibeau for his service: Resolved: The OpenID Foundation board thanks Don Thibeau for his exemplary service to the OpenID Foundation and the worldwide identity community during his decade-long
An Update on the Collaboration of Technology Tools and Legal Rules
The US Federal Reserve is participating in a Committee on Payments and Market Infrastructures (CPMI) Cross-border Payments Task Force to identify ways to promote cross-border payments that are faster, less expensive and more transparent and inclusive. With the CPMI’s initiative to improve cross-border payments (and their upcoming conference https://lnkd.in/dBmT9q6), the Institute
2021 OpenID Foundation Board Update
Thank you to all who voted in the 2021 elections for representatives to the OpenID Foundation Board of Directors. As per our bylaws, three individual board members represent the membership and the community at large. As George Fletcher has one year remaining on his 2-year term, I want to thank
Ministry of Economy, Trade and Industry and OpenID Foundation in Liaison Agreement on eKYC & IDA for Legal Entities
The OpenID Foundation (OIDF), the international standards development organization which maintains the OpenID Connect for Identity Assurance (OIDC4IDA) standard, and the Japanese Government’s Ministry of Economy, Trade and Industry (METI) have signed a liaison agreement to work together. Under the agreement, METI will lead policy efforts to implement identity assurance
“Exploring Financial-grade API (FAPI) with Torsten” Podcast is Live
The OpenID Foundation is pleased to sponsor the Identity, Unlocked second season premiere podcast featuring host Vittorio Bertocci and special guest Torsten Lodderstedt, “Exploring Financial-grade API (FAPI) with Torsten”. Torsten is a long time member of and contributor to the OpenID Foundation. Torsten has contributed significantly to the FAPI security
Update on OpenID Foundation Leadership Transition
Dear OpenID Foundation Members: This is to update the OpenID Foundation community on our leadership transition and plans for 2021. We’ve enlisted the support of Women in Identity, IDPro and other groups to insure a broad international search and a diversity of backgrounds for the Foundation’s next Executive Director. Our
First Implementer’s Drafts of Three FastFed Specifications Approved
The OpenID Foundation membership has approved the following Fast Federation (FastFed) specifications as OpenID Implementer’s Drafts: FastFed Core 1.0 FastFed Basic SAML Profile 1.0 FastFed Basic SCIM Profile 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are
Second Implementer’s Draft of OpenID Connect User Questioning API Specification Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect User Questioning API 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the second Implementer’s Draft of this specification. This specification
Announcing the 2021 OpenID Foundation Individual Community Board Members Election
The OpenID Foundation plays an important role in the interoperability of Internet identity. This is to announce the OpenID Foundation individual community board members 2021 election schedule. Those elected will help determine the role the Foundation plays in facilitating the creation and adoption of open identity standards. Per the Foundation’s