Latest News
Current news about the OpenID Foundation and the community at large. Please visit the News Archive to view news older than two years.
Verifiable credentials: a valuable tool in the fight against rising ID fraud?
US Financial institutions face a critical challenge. Suspicious account records are on the rise despite innovations in identity and verification (ID&V) technologies. Can widespread adoption of High Assurance Identity Verification by financial institutions be the answer? Banks need to establish a reasonable belief of a customer’s identity during account opening,
OIDF offers standards roadmap for GENIUS Act
The OpenID Foundation has submitted a comprehensive response to the US Department of the Treasury’s Request for Comment on “Innovative Methods to Detect Illicit Activity Involving Digital Assets” (TREAS-DO-2025-0070-0001), issued under the GENIUS Act. As a technical standards body with deep expertise in APIs and digital identity, the OpenID Foundation welcomes
OIDF submits comments on CFPB Data Rights Rule
The OpenID Foundation (OIDF) has submitted comments to the Consumer Financial Protection Bureau (CFPB) regarding the reconsideration of Rule 1033 on personal financial data rights. The OpenID Foundation brings expertise from working with open banking implementations across 12 global ecosystems. This submission represents the Foundation’s third response to this regulation,
OIDF submits comments on Utah’s state-endorsed digital identity RFI
The OpenID Foundation has submitted its comments on Utah’s Request for Information (RFI #AE26-1) regarding the State-Endorsed Digital Identity (SEDI) program. This submission reflects the OpenID Foundation’s ongoing commitment to supporting governments worldwide as they develop digital identity frameworks that prioritize security, privacy, and interoperability. Gail Hodges, Executive Director of the
Top firms test interoperability of final SSF and CAEP
The OpenID Foundation and hosting partner FIDO Alliance brought together implementers of the newly finalized Shared Signals Framework (SSF) and Continuous Access Evaluation Profile (CAEP) specifications to demonstrate interoperability at the Authenticate 2025 conference in Carlsbad, California, earlier this month (October 13-15, 2025). The Shared Signals Framework (SSF) and Continuous
Public Review Period for Proposed Authorization API 1.0 Final Specification
The OpenID AuthZEN Working Group recommends the following OpenID Final Specification: Authorization API 1.0: https://openid.net/specs/authorization-api-1_0-04.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for the specification draft in accordance with the OpenID Foundation
OpenID Connect Core 1.0 now published as ITU standard
We’re pleased to announce that Recommendation X.1285, incorporating the OpenID Connect Core 1.0 – errata set 2 specification, has been officially published by the International Telecommunication Union. Following the formal adoption in April 2025, which we announced in May, the specification is now publicly available. This publication marks a significant
Second Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps Approved
The OpenID Foundation membership has approved the following as an OpenID Implementer’s Draft: OpenID Connect Native SSO for Mobile Apps 1.0: https://openid.net/specs/openid-connect-native-sso-1_0-ID2.html An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This Implementer’s Draft is the product of the OpenID AB/Connect
OIDF applauds new FIDO and Shared Signals whitepaper
The OpenID Foundation welcomes the publication of a new whitepaper from the FIDO Alliance that examines how FIDO authentication and the Shared Signals Framework (SSF) work together to address enterprise security challenges. We recognize the significant effort by the FIDO Enterprise Deployment Working Group to illustrate how aligned our specifications
Public Review Period for Proposed OpenID4VC High Assurance Interoperability Profile (HAIP) 1.0 Final Specification
The OpenID Digital Credentials Protocols (DCP) Working Group recommends the following OpenID Final Specification: OpenID4VC High Assurance Interoperability Profile (HAIP) 1.0: https://openid.net/specs/openid4vc-high-assurance-interoperability-profile-1_0-05.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for the
OpenID Foundation Applauds Western Balkans Digital ID Plan
Joint Statement on Achieving Interoperable Digital ID Wallets and Trust Services at the 6th Western Balkans Digital Summit The Western Balkan governments welcomed regional experts, ministers, European Union representatives, the World Bank, and the OpenID Foundation, amongst other global experts, to take part in the 6th Western Balkans
New whitepaper tackles AI agent identity challenges
The OpenID Foundation has today released a critical new whitepaper addressing one of the most pressing challenges facing organizations deploying AI agents – how to securely authenticate and authorize these autonomous systems while maintaining proper governance and accountability. Identity Management for Agentic AI: The new frontier of authorization, authentication, and
OIDF Announces New Investment to Expand Conformance Services
The OpenID Foundation Board has approved the development of a new service to enable stronger partnership with “managing entities” and “accredited laboratories” that wish to deploy the OpenID Foundation tests and best practices within a wider ecosystem conformance service. This additional service is scheduled for launch in Q2 2026, and
OIDF Supports National Strategy on Fraud and Scam Prevention
Today, the Aspen Institute Financial Security Program launched a groundbreaking National Strategy on Fraud and Scam Prevention. The OpenID Foundation was delighted to participate as a task force member, contributing to the effort alongside more than 80 cross-sector partners. This represents the first time such a broad collection of leaders
FAPI 2.0 Message Signing Final Specification Approved
The OpenID Foundation membership has approved the following as an OpenID Final Specification: FAPI 2.0 Message Signing: https://openid.net/specs/fapi-message-signing-2_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This Final Specification is the product of the OpenID FAPI Working Group.
Whitepaper open for comment: The Unfinished Digital Estate: Culture, Law, and Technology After Death
As digital life now extends beyond our lifespans, most societies remain unprepared for what happens when people die or become incapacitated, leaving behind their online assets. A comprehensive new research paper is now open for public comment: “The Unfinished Digital Estate: Culture, Law, and Technology After Death.” This paper, published
Australian Digital Trust Community Group responds to Productivity Commission’s Digital Technology Report
Supporting Australia’s Digital Trust Ecosystem The OpenID Foundation’s Australian Digital Trust Community Group (ADT CG) has submitted comments to Australia’s Productivity Commission on its Interim Report covering data and digital technology policy, demonstrating the Foundation’s commitment to supporting policy development in Australia through expert technical guidance and industry collaboration. The
Notice of Vote for Proposed Second Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps
The voting period will be between Thursday, October 2, 2025 and Thursday, October 19, 2025, following the 45 day review of the specification. The OpenID Connect Working Group page is https://openid.net/wg/connect/. If you’re not already a member, or if your membership has expired, please consider joining to participate in the approval vote. Information
OIDF supports Japanese regulator on phishing defence
The OpenID Foundation continues to support government partners, with the OpenID Foundation’s Chairman Nat Sakimura recently leading the organization’s expert guidance to Japan’s Financial Services Agency (FSA) on strengthening cybersecurity defences for securities and trading companies facing sophisticated phishing attacks. Japanese financial firms have been experiencing increasingly sophisticated phishing and
OpenID for Verifiable Credential Issuance 1.0 Final Specification Approved
The OpenID Foundation membership has approved the following as an OpenID Final Specification: OpenID for Verifiable Credential Issuance 1.0: https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This Final Specification is the product of the OpenID DCP Working Group.
PRESS RELEASE: OpenID Foundation finalizes global standards for real-time identity security
Industry wide adoption of standardized security event sharing now possible. Three specifications to enable instant security coordination across all connected systems worldwide. This crucial development will make Zero Trust architectures achievable at global scale. San Ramon, CA, 16 September 2025 – The OpenID Foundation (OIDF), a global leader in
Registration Open for OpenID Foundation Hybrid Workshop at Cisco on Mon 20th October 2025
The OpenID Foundation will be holding a hybrid workshop on Mon 20th October 2025, just ahead of the Fall 2025 Internet Identity Workshop (IIW). (A discount code for OIDF members was forwarded via email) This hybrid event will take place both in person at Cisco’s Santana Row offices in San
How SSF/CAEP and STIX/TAXII Secure Different Fronts
By Shared Signals Framework WG Contributor, Apoorva Deshpande, Okta In the realm of cybersecurity, there are two critical sets of frameworks that serve distinct yet vital roles in how organizations share and act upon security information – the Shared Signals Framework (SSF), with its Continuous Access Evaluation Protocol (CAEP), and
Three Shared Signals Final Specifications Approved
The OpenID Foundation membership has approved the following three specifications as an OpenID Final Specifications: OpenID Shared Signals Framework: https://openid.net/specs/openid-sharedsignals-framework-1_0-final.html OpenID CAEP: https://openid.net/specs/openid-caep-1_0-final.html OpenID RISC: https://openid.net/specs/openid-risc-1_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. These three Final Specifications are
Notice of Vote to Approve Proposed FAPI 2.0 Message Signing Final Specification
The two-week voting period will be between Wednesday, September 10, 2025 and Wednesday, September 24, 2025, once the 60 day review of the specification has been completed. The FAPI working group page: https://openid.net/wg/fapi. If you’re not already a member, or if your membership has expired, please consider joining to participate in the
OIDF receives security analysis of OpenID for Verifiable Presentations
The OpenID Foundation is pleased to announce the completion of a comprehensive security analysis of OpenID for Verifiable Presentations (OpenID4VP) when used over the Digital Credentials API (DC API). This represents the first security analysis of OpenID4VP and DC API together, which allowed potential security vulnerabilities to be detected and
Errata Corrections to JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) Approved
Errata to the following specification have been approved by a vote of the OpenID Foundation members: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) – This specification was created to bring some of the security features defined as part of OpenID Connect to OAuth 2.0 An Errata version of a specification incorporates corrections
Notice of Vote to Approve OpenID for Verifiable Credential Issuance 1.0 Final Specification
This is a notice of the upcoming vote to approve OpenID for Verifiable Credential Issuance 1.0 as a Final Specification. The two-week voting period will be between Monday, September 1, 2025 and Monday, September 15, 2025, once the 60 day review of the specification has been completed. The Digital Credentials
Adoption now and ahead: mDL Day ‘Voices of the Future’ panel
On July 14, 2025, OpenID Foundation’s Executive Director Gail Hodges was delighted to moderate the ‘Voices from the Future’ panel at the Federal Mobile Driver’s License (mDL) Industry Day | GSA, which included leaders from five US States and the American Association of Motor Vehicle Administrators (AAMVA) on the use
Public Review Period for Proposed Second Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps
Public Review Period for Proposed Second Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect Native SSO for Mobile Apps 1.0 This would be the second Implementer’s Draft of this specification. An Implementer’s
Shared Signals interop event at Authenticate 2025: Call for participation
The OpenID Foundation is excited to announce the first interoperability event testing against the soon-to-be-final Shared Signals Framework (SSF) specification at Authenticate 2025. This event will demonstrate interoperability on the final specification, after the membership votes on it as being ‘final’ by end of August), as per OIDF Process Document.
Notice of Vote to Approve Three Shared Signals Final Specifications
The two-week voting period will be between Monday, August 15, 2025 and Monday, August 29, 2025, once the 60 day review of the specification has been completed. The OpenID Shared Signals Working Group page is https://openid.net/wg/sharedsignals/. If you’re not already a member, or if your membership has expired, please consider joining
OpenID Foundation demonstrates real-world interoperability of new Digital Identity Issuance Standards
Gail Hodges, Executive Director OpenID Foundation Today the OIDF is proud to announce that the OpenID for Verifiable Credential Issuance (OpenID4VCI) specification has proven interoperability through the pairwise testing of seven issuers and five wallets providers from around the world. The clear evidence of interoperability is a meaningful and timely
OIDF launches Ecosystems Support Community Group
The OpenID Foundation has launched a new Ecosystems Support Community Group (ESCG) to help public and private sector ecosystem leaders understand the key architectures, decisions, and best practices at the forefront of open banking/open data and digital identity adoption globally. Context The ESCG arrives at a critical time when 90+
UN’s DPI Day: Elizabeth Garber on standards as safeguards
The OpenID Foundation’s Strategy and Marketing Director, Elizabeth Garber, attended DPI (Digital Public Infrastructure) Day as a member of the 2025 DPI Safeguards Working Group, which operates within the United Nations Development Programme and the Office for Digital and Emerging Technologies. Her extensive background with multi-stakeholder communities like SIDI Hub,
Strengthening cloud identity through open standards
The OpenID Foundation’s perspective on secure digital infrastructure The blog post released today by the Cybersecurity and Infrastructure Security Agency (CISA) Securing Core Cloud Identity Infrastructure: Addressing Advanced Threats through Public-Private Collaboration outlines vulnerabilities in cloud identity infrastructure and the urgent need to address these challenges. We applaud CISA’s call
Notice of Vote to Approve Proposed Errata Corrections to JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)
This is a notice of an upcoming vote to approve proposed errata corrections to JWT Secured Authorization Response Mode for OAuth 2.0 (JARM). The official voting period will be between Monday, July 28, 2025 and Monday, August 4, 2025, once the 45 day review of the specification has been completed. For
OpenID for Verifiable Presentations 1.0 Final Specification Approved
The OpenID Foundation membership has approved the following specification as an OpenID Final Specification: · OpenID for Verifiable Presentations 1.0: https://openid.net/specs/openid-4-verifiable-presentations-1_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This OpenID for Verifiable Presentations Final Specification is a product of the OpenID
FAPI 2.0 Security Profile and FAPI 2.0 Message Signing: Final Conformance Tests and Certifications Now Available
The OpenID Foundation is pleased to announce the availability of conformance tests and certifications for the final versions of the FAPI 2.0 Security Profile and FAPI 2.0 Message Signing specifications for both authorization servers and OAuth clients. FAPI 2.0 Security Profile was approved as a Final specification in February 2025,
OpenID Connect Relying Party Metadata Choices 1.0 Implementer’s Draft Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect Relying Party Metadata Choices 1.0: https://openid.net/specs/openid-connect-rp-metadata-choices-1_0-ID1.html An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This specification is a product of the OpenID AB/Connect
OpenID Foundation and CSC partner to strengthen ID ecosystem
The OpenID Foundation is excited to announce a new collaboration agreement with the Cloud Signature Consortium (CSC), marking a significant step forward in the standardization of digital credentials and cloud based signatures. The OpenID Foundation leads the global community in creating identity standards that are secure, interoperable and privacy-preserving, while
Balancing sovereignty and interoperability
OIDF leads critical discussion on digital identity futures IGF 2025 explores pathways for developing and least developed countries to achieve inclusive digital transformation At the recent Internet Governance Forum (IGF) 2025 in Lillestrøm, a pivotal conversation about one of the most pressing challenges facing developing and least developed countries (DLDCs)
Public Review Period for Proposed OpenID for Verifiable Credential Issuance 1.0 Final Specification
The OpenID Digital Credentials Protocols (DCP) Working Group recommends the following OpenID Final Specification: OpenID for Verifiable Credential Issuance 1.0: https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-16.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for the specification
OpenID Attachments 1.0 Final Specification Approved
The OpenID Foundation membership has approved the following OpenID Final Specification: OpenID Attachments 1.0: https://openid.net/specs/openid-connect-4-ida-attachments-1_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The OpenID Attachments 1.0 Final Specifications is the product of the eKYC & IDA Working Group. The voting results
Let’s Discuss Identity Management in AI
By co-chairs: Atul Tulshibagwale, SGNL, Tobin South, WorkOS and Stanford, and Jeff Lombardo, AWS At the recently concluded Identiverse conference, prompted by Jeff Lombardo of AWS, a few of the attendees got together to discuss various security proposals relating to AI. It was clear that AI and identity communities have
Scaling FAPI 2.0 to Transform Healthcare Security in Norway
The OpenID Foundation is proud to spotlight a significant achievement in secure healthcare ecosystems: the implementation of the FAPI 2.0 security profile across the entire Norwegian Health Network (NHN) via the new HelseID service. The OpenID Foundation is also very pleased to share that the NHN has decided to become
EAP ACR Values Final Specification Approved
The OpenID Foundation membership has approved the following OpenID Final Specification: OpenID Connect Extended Authentication Profile (EAP) ACR Values 1.0: https://openid.net/specs/openid-connect-eap-acr-values-1_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The EAP ACR 1.0 Final Specification is the product of
Building a Digital Commons for Identity – the SIDIHub
At this year’s Identiverse conference, the OpenID Foundation and SIDI Hub were proud to present: “Building a Digital Commons for Identity.” The session outlined what has been achieved so far by the Sustainable and Interoperable Digital Identity Hub project (SIDI Hub) – a global initiative dedicated to advancing safe, interoperable
Notice of Vote for Proposed Implementer’s Draft of OpenID Connect Relying Party Metadata Choices
The official voting period will be between Saturday, June 28, 2025 and Saturday, July 5, 2025, once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Saturday, June 21, 2025. The
OpenID Foundation takes the stage at Identiverse 2025
Scaling interop, tackling delegated authority, and expanding global reach The OpenID Foundation Board was proud to present its ‘Take on the Landscape’ session on June 2, 2025, at Identiverse. Moderated by Executive Director Gail Hodges, the panel explored the OpenID Foundation’s rapidly expanding impact across the identity ecosystem, from scaled
Public Review Period for Proposed Three Shared Signals Final Specifications
The OpenID Shared Signals Working Group recommends approval of the following three specifications as OpenID Final Specifications: OpenID Shared Signals Framework OpenID CAEP OpenID RISC A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period
Notice of Vote for Proposed OpenID for Verifiable Presentations Final Specification
The two-week voting period will be between Tuesday, June 24, 2025 and Tuesday, July 8, 2025 (12:00pm PT), once the 60 day review of the specification has been completed. The OpenID DCP working group page is https://openid.net/wg/digital-credentials-protocols/. If you’re not already an OpenID Foundation member, or if your membership has expired, please
Notice of Vote for Proposed OpenID Attachments 1.0 Final Specification
The official voting period will be between Monday June 16, 2025 and Monday, June 23, 2025 (12:00pm PT), once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, early voting will begin on Monday, June 9, 2025.
Public Review of JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)
The OpenID FAPI working group recommends the approval of Errata corrections to the following specification: First Errata Set for JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) An Errata version of a specification incorporates corrections identified after the Final Specification was published. This would be the first set of errata
Public Review Period for Proposed FAPI 2.0 Message Signing Final Specification
This blog post was updated on August 27, 2025 to update the final specification voting schedule below The OpenID FAPI working group recommends the approval of the following specification as an OpenID Final Specification: FAPI 2.0 Message Signing A Final Specification provides intellectual property protections to implementers of the specification and
A new ITU-T standard ushers in a new era for OpenID
Digital identity security is entering a new era as the OpenID Connect Core 1.0 specification has been formally adopted, by incorporation, by the International Telecommunication Union (ITU) as Recommendation X.1285. This milestone represents the first time an OpenID Foundation (OIDF) specification has been recognized as an ITU-T standard, and it
A Global First: OpenID Foundation Demonstrates Real-World Interoperability of New Digital Identity Standards
On May 5, 2025, the OpenID Foundation convened a landmark interoperability demonstration of digital identity credentials that brought together leading identity platforms, standards bodies, and government agencies from three regions. This is the first public demonstration of how a user can present their digital identity across digital platforms, devices, and
Juggling with fire made easier: Provisioning with SCIM
Mike Kiser and Jen Schreiber Beyond the immediate promise of the Shared Signals Framework in managing live sessions through CAEP events, an event-based approach offers a compelling path forward for addressing longer-term identity challenges. One such challenge is identity lifecycle management, or provisioning and deprovisioning. Challenges of provisioning Many underestimate
Notice of Vote for Proposed Final EAP ACR Values Specification
The official voting period will be between Monday June 9, 2025 and Monday, June 16, 2025 (12:00pm PT), once the 60 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, early voting will begin on Monday, June 2, 2025. The
Public Review Period for Proposed Implementer’s Draft of OpenID Connect Relying Party Metadata Choices
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect Relying Party Metadata Choices 1.0 This would be the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification.
OpenID Foundation presents at Financial Data Exchange Summit
The OpenID Foundation’s Gail Hodges and Joseph Heenan presented a talk on “If, when, and why to implement the FDX ‘blue’ security profile with FAPI 2.0” on Tuesday April 22nd for the benefit of North American attendees at the Financial Data Exchange’s Spring Global Summit held at the Gaylord National
The OpenID Federation Interoperability Event
A breakthrough collaboration From April 28-30, 2025, Stockholm became the epicentre of innovation in digital identity federation as SUNET welcomed 30 international delegates with 14 implementations to a groundbreaking OpenID Federation Interoperability event. The event brought together leaders from the private sector, government, not-for-profits, academic institutions, technical experts, and policy
How AuthZEN, and Shared Signals & CAEP complement each other
Most cyber attacks leverage identities. These standards are our best defense against such attacks. Co-authored by Atul Tulshibagwale, CTO of SGNL, Co-chair of Shared Signals Working Group, and Corporate Board Member of OpenID Foundation, and Omri Gazitt, co-founder & CEO of Aserto and co-chair of AuthZEN Working Group. These days,
OIDF hosts unique global demo of digital ID interoperability
Representing a major milestone in digital identity progress, this unique event will showcase global stakeholder collaboration, technological innovation, and a clear focus on real-world applicability. Designed for a multi-stakeholder audience, the OpenID Foundations invites interested parties to join the virtual webinar. The OpenID Foundation (OIDF), a global leader in open
Shared Signals Framework: The Blueprint for Modern IAM Part 1 of 4
Author: Sean O’Dell The December 2024 Gartner IAM CAEP Interop event in Dallas was a huge success with numerous companies showcasing their adoption, continued investment and interest in the Shared Signals Framework. That said, it is time to release this series of blog posts diving deeper into Shared Signals and
Join us for a global demo of digital identity in action
In a world where digital transactions and online services touch almost every facet of daily life, having a secure, privacy-preserving identity you can carry anywhere is no longer a luxury. It’s a necessity. On Monday, May 5th, 2025 (4:30-6:00pm CET / 10:30am-12:00pm ET / 7:30-9:00am PT), the OpenID Foundation is
Public Review Period for Proposed OpenID for Verifiable Presentations Final Specification
The OpenID DCP working group recommends approval of the following specification as an OpenID Final Specification: OpenID for Verifiable Presentations A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for the specification draft in
OpenID Foundation Member Announcement – Update to How You Log in at openid.net
Dear OpenID Foundation Members, The OpenID Foundation (OIDF) is updating the way you log in at openid.net. Logins at https://openid.net/foundation/members currently use a no-longer-supported service called Janrain Engage. OIDF looked at extending the Janrain Engage solution to offer more social login options but was unable to do so as it is no
Public Review Period for Proposed OpenID Attachments 1.0 Final Specification
The OpenID eKYC & IDA working group recommends approval of the following specification as an OpenID Final Specification: OpenID Attachments 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for the
OpenID Foundation Members Honoured in Okta’s Identity 25
The OpenID Foundation applauds all the honorees from this year’s Okta Ventures “The Identity 25” program. Today we take a moment to proudly celebrate the members of the OpenID Foundation Community recognized in the Okta Ventures’ Identity 25 honourees. Many of our friends, colleagues, partners are recognized here, who we
Public Review Period for Proposed Final EAP ACR Values Specification
The OpenID EAP working group recommends approval of the following specification as an OpenID Final Specification: OpenID Connect Extended Authentication Profile (EAP) ACR Values 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period
OIDF & OIDF-J welcome the Japanese Digital Agency, West Japan Railway Company, and the National Institute of Informatics’ Student VC Project
Translated from the OIDF-J announcement. The OpenID Foundation and the OpenID Foundation Japan would like to express our sincere welcome to the pilot project for the social implementation of services for students using verifiable credentials, which was conducted and announced in March 2025 by the Digital Agency, West Japan Railway
AuthZEN & Shared Signals in the Gartner IAM 2025 spotlight
An intense and unforgettable two days for the OpenID Foundation The OpenID Foundation was again invited to lead cutting-edge interoperability demonstrations at the March 2025 Gartner Identity & Access Management Summit in London this week. This time, two Working Groups, Shared Signals and AuthZEN, had a presence. The demand for
Implementer’s Draft of OpenID4VC High Assurance Interoperability Profile Approved
The OpenID Foundation membership has approved the following OpenID Implementer’s Draft: OpenID for OpenID4VC High Assurance Interoperability Profile: https://openid.net/specs/openid4vc-high-assurance-interoperability-profile-1_0-ID1.html An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. OpenID for OpenID4VC High Assurance Interoperability Profile Implementer’s Draft is the product
Implementer’s Guide: FAPI 2.0 Final vs. Implementer’s Draft 2.0
Author: Dima Postnikov, Vice-Chair of OpenID Foundation and FAPI WG Member Contributors: Gail Hodges, Nat Sakimura, Ralph Bragg, Filip Skokan, Joseph Heenan. This article is also accessible on Medium. Introduction In a significant milestone for the global Open Banking and Open Data community, on February 22nd, the OpenID Foundation published
Standardized, Fine-Grained Authorization Using OAuth 2 Grant Management and Rich Authorization Requests
Since 2018, the OpenID Foundation’s FAPI Working Group and the global community have been developing standards to support Open Banking and Open Data. In “Standardized and Fine-Grained Authorization with OAuth 2 Grant Management and Rich Authorization Requests,” Dima Postnikov (OIDF Vice Chairman) and Gail Hodges (OIDF Executive Director) lay out
Notice of Vote for Proposed Implementer’s Draft of OpenID4VC High Assurance Interoperability Profile
The official voting period will be between Tuesday, March 25, 2025 and Tuesday, April 1, 2025 (12:00pm PT), once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, early voting will begin on Tuesday, March 18, 2025. The
Webinar on IPSIE secures more than 300 registrations
More than 300 identity security leaders and identity professionals registered for a recent webinar where our Executive Director Gail Hodges discussed with industry experts Jeff Reich, Dean H. Saxe, Aaron Parecki and George Fletcher, how enterprises can achieve secure, interoperable identity management using multiple standards, new enterprise interoperability profiles to
OpenID Federation Interop Event, April 28-30, 2025
The OpenID Foundation will be holding an interop testing event Monday-Wednesday, April 28-30, 2025 for OpenID Federation implementations. In-person participation is encouraged, but if it works better for you, you can also participate remotely. The event will be hosted by SUNET at their office in Stockholm, Sweden. Event Details: 📅 Date:
OPIN joins OIDF Board via Peers Consulting + Technology
The OpenID Foundation is delighted to announce that Open Insurance Brazil (OPIN) will be joining the OpenID Foundation Board of Directors as a Sustaining Member, via their strategic partnership with Peers Consulting + Technology. Francisco Leme, Chief Technology and Operations Officer for OPIN and representative for Peers Consulting, will represent
Notice of a Security Vulnerability
The OpenID Foundation is committed to maintaining the highest security standards in identity protocols and takes security research seriously. As our specifications move towards final, we engage security researchers to conduct a rigorous security analysis and identify any vulnerabilities in the specifications. During a formal analysis of OpenID Federation, a
OIDF Re-Elected to OpenWallet Foundation’s Board
The OpenID Foundation is delighted to announce its re-election to the OpenWallet Foundation’s (OWF) Board of Directors as an Observer. This position allows the OpenID Foundation to continue representing the OWF’s associate sponsors, which include a diverse array of non-profit, academic, and government entities. For the year ahead, the OpenID
Attend the OIDF Workshop prior to IIW Spring 2025 on 7th April 2025
The OpenID Foundation will be holding a hybrid workshop on Monday, 7th April 2025, just ahead of the Spring 2025 Internet Identity Workshop (IIW). This hybrid event will take place both in person at Google’s facility in Sunnyvale, CA, and online making it accessible to participants worldwide. Event Details:
FAPI 2.0 Security Profile and Attacker Model Final Specifications Approved
The OpenID Foundation membership has approved the following OpenID Final Specifications: FAPI 2.0 Security Profile: https://openid.net/specs/fapi-security-profile-2_0-final.html FAPI 2.0 Attacker Model: https://openid.net/specs/fapi-attacker-model-2_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The FAPI Final Specifications are the product of the FAPI Working
Australian Digital Trust Community Group (ADT CG)
by Victoria Richardson, ID Partners & Community Group Co-Chair We are not yet halfway through the first quarter of 2025 and it’s already clear that digital identity and trusted ecosystems more broadly are front of mind for many countries. Digital driver licenses in particular have made the headlines with insights
Second Implementer’s Draft of OpenID for Verifiable Credential Issuance Specification Approved
The OpenID Foundation membership has approved the following specification as an OpenID Second Implementer’s Draft: OpenID for Verifiable Credential Issuance An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This Second Implementer’s Draft is a product of the Digital Credentials
Public Review Period for Proposed Implementer’s Draft of OpenID4VC High Assurance Interoperability Profile
The Digital Credentials Protocols (DCP) working group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID for OpenID4VC High Assurance Interoperability Profile: https://openid.net/specs/openid4vc-high-assurance-interoperability-profile-1_0-03.html An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review
AuthZEN community to host interoperability session at the Gartner IAM Summit
AuthZEN Co-chairs David Brossard and Omri Gazitt presenting at Gartner IAM in Dallas, December 2024 As part of its return to the Gartner Identity and Access Management (IAM) Summit in London, March 24th-25th 2025, the OpenID Foundation is excited to share that it will also be hosting its latest
Shared Signal WG returns to Gartner IAM for interoperability
Call for participants: Demonstrate your SSF and CAEP implementations at the Gartner IAM Summit in London this March. The OpenID Foundation is excited to announce its return to the Gartner Identity and Access Management (IAM) Summit in London, March 24th-25th 2025, to host another interoperability session. This marks the third
Notice of Vote for Proposed FAPI 2.0 Security Profile and Attacker Model Final Specifications
The official voting period will be between Saturday, February 8, 2025 and Saturday, February 15, 2025 (12:00pm PT), once the 60 day review of the specifications has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Saturday, February 1, 2025.
Notice of Vote for Proposed Second Implementer’s Draft of OpenID for Verifiable Credential Issuance Specification
The official voting period will be between Monday, February 3, 2025 and Monday, February 10, 2025 (12:00pm PT), once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Monday, January 27, 2025. The Digital
OIDF Feedback on NIST’s Attribute Validation Services
The National Institute of Standards and Technology (NIST) recently released a draft report entitled Attribute Validation Services for Identity Management, which seeks to provide a comprehensive framework for agencies considering implementing Attribute Validation Services (AVS) services. AVS are critical for identity proofing, fraud prevention, and ensuring equal access to digital
2025 OpenID Foundation Board of Directors
by Gail Hodges, Executive Director I want to sincerely thank all OpenID Foundation members who voted in the 2025 elections for representatives to the OpenID Foundation Board of Directors. Per the Foundation’s Bylaws and as of December 1, 2024, there were two Corporate Representative and two Community Representative seats up
Strengthening cybersecurity measures – the OpenID Foundation’s recommendations on ENISA’s guidance for the NIS2 Directive
As the European Union continues to strengthen its cybersecurity framework, the NIS2 Directive serves as a pivotal measure to protect critical infrastructure and essential services across member states. Committed to advancing secure and interoperable digital identity standards, the OpenID Foundation welcomes the opportunity to contribute to this critical initiative and
Third OpenID4VP Implementer’s Draft Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID for Verifiable Presentations: https://openid.net/specs/openid-4-verifiable-presentations-1_0-ID3.html An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This Implementer’s Draft is a product of the AB/Connect working group. The voting
Driving Innovation and Adoption: Reflections on the California mDL Hackathons
The California Department of Motor Vehicles (DMV), in partnership with the OpenID Foundation, recently hosted two groundbreaking hackathons aimed at advancing digital identity through California’s mobile Driver’s License (mDL). With over 100 attendees at both events, they were more than simply technical exercises; they were pivotal moments in the evolution
Digital Identity News Round-Up: 13 Dec 2024
The OpenID Foundation is now offering a Digital Identity Round-Up, similar to that which OIX used to offer its members. If you have suggestions or sources that we need to add to our lists as we develop this round-up, please feel free to contact Elizabeth Garber. Cyprus has launched
Shared Signals Interoperability at Gartner IAM
We are thrilled to share that TODAY (and also tomorrow) we are showcasing shared signals interoperability in action at the Gartner Identity and Access Management (IAM) Summit, in Grapevine, Texas. Following the significant levels of interest generated by the success of our interoperability session at the last Gartner IAM Summit
Public Review Period for Proposed Final FAPI 2.0 Security Profile and Attacker Model Specifications
The OpenID Foundation’s FAPI Working Group recommends approval of the following specifications as OpenID Final Specifications. FAPI 2.0 Security Profile Other formats: XML, MD FAPI 2.0 Attacker Model Other formats: XML, MD A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts
Announcing the 2025 OpenID Foundation Community Representatives Election
This is to announce the 2024 OpenID Foundation Community Representatives election schedule. Those elected will help guide the Foundation’s efforts in facilitating the development and adoption of important open identity standards enabling global interoperability as well as the strategic direction of the Foundation. Per the OIDF Bylaws and as of December
OpenID Foundation returns to Gartner IAM Summit to showcase Shared Signals interoperability in action
OpenID Foundation returns to Gartner IAM Summit to showcase Shared Signals interoperability in action OpenID Foundation invites attendees to come along and find out how it is laying the groundwork for safer digital ecosystems leveraging shared signals. December event will demonstrate the game-changing role the OpenID Foundation’s Shared Signals Framework
Notice of Vote for Proposed Implementer’s Draft of OpenID4VP Specification
The official voting period will be between Tuesday, December 17, 2024 and Tuesday, December 24, 2024 (12:00pm PT), once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Tuesday, December 10, 2024. The
AuthZEN Authorization API 1.0 Implementer’s Draft Approved
The OpenID Foundation membership has approved the following AuthZEN specifications as an OpenID Implementer’s Draft: Authorization API 1.0 Implementer’s Draft: https://openid.net/specs/authorization-api-1_0-01.html An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This Implementer’s Draft is a product of the AuthZEN Working
For the Record: The IPSIE WG and OpenID Foundation Processes
We recently shared some exciting news about a new Working Group, Interoperability Profiling for Secure Identity in the Enterprise (IPSIE). However, there have been some misunderstandings in the media coverage that followed the OpenID Foundation’s announcement. The OIDF is keen to clarify our ways of working and affirm that all