Examples added to OpenID Connect Token Bound Authentication spec

OpenID Connect Token Bound Authentication 1.0 draft 01 adds examples showing the flows in action. Thanks to Brian Campbell for adding them! This draft also adds a Security Considerations paragraph describing that additional security tokens can also be token bound, including cookies, access tokens, refresh tokens, and authorization codes. This […]


Guest Blog: Reaching the Age of Consent

In the past year, consent for the release of attributes, and more generally for personal information items, has become a highly active area of Internet identity. Drivers are numerous, including GDPR, the new draft of NIST 800-63-3, and the challenges R&E federations are facing in attribute release. While policy regulations […]


Notice of Vote for Implementer’s Drafts of Four MODRNA Specifications

The official voting period will be between Friday, April 21 and Friday, April 28, 2017, following the 45 day review of the specifications. For the convenience of members, voting will actually open a week before this on Friday, April 14 for members who have completed their reviews by then, with […]


OpenID Connect Logout Implementer’s Drafts Approved

The OpenID Foundation membership has approved these specifications as OpenID Implementer’s Drafts. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. Session Management – Defines how to manage OpenID Connect sessions, including postMessage-based logout functionality Front-Channel Logout – Defines a […]


Public Review Period for Four MODRNA Specifications Started

The OpenID Foundation MODRNA Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: OpenID Connect MODRNA Authentication Profile 1.0, draft 06 OpenID Connect Account Porting, draft 07 OpenID Connect User Questioning API 1.0, draft 10 OpenID Connect MODRNA Client initiated Backchannel Authentication Flow 1.0, draft 03 An […]


Registration Open for OpenID Foundation Workshop on Monday, May 1, 2017   Recently updated !

OpenID Foundation Workshops provide early insight and influence on important open identity standards like OpenID Connect.  These workshops provide updates on the OpenID Certification Program as well as updates on OpenID Foundation Working Groups. The workshop will review the interface of the MODRNA (Mobile Profile of OpenID Connect) and the GSMA’s […]


FAPI Part 1 Implementer’s Draft Approved

The OpenID Foundation membership has approved “Financial API – Part 1: Read Only API Security Profile” as an OpenID Implementer’s Draft. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. The specification is available at: http://openid.net/specs/openid-financial-api-part-1-ID1.html The voting results were: […]


OpenID Connect Relying Party Certification Adoption

The adoption of the new OpenID Connect Relying Party (RP) Certification has exceeded our expectations – especially the surprising number of early adopters who tested a wide variety of implementations. The tests were improved at an accelerating rate, with many organizations actively “testing the tests”. All of the OpenID Foundation’s […]


2017 OpenID Foundation Board of Directors Election Results

The OpenID Foundation is pleased to welcome Ashish Jain of VMware as the new board representative for the corporate class of members, Ashish has been elected to a one-year term. Thanks to Dale Olds, also of VMware, for his service in the past year in this role. Dale was most […]