Public Review Period for Five HEART Specifications Started

The OpenID HEART Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: Health Relationship Trust Profile for OAuth 2.0 Health Relationship Trust Profile for OpenID Connect 1.0 Health Relationship Trust Profile for User Managed Access 1.0 Health Relationship Trust Profile for Fast Healthcare Interoperability Resources (FHIR) OAuth […]

Connecting Standards: RESO and OpenID Connect

Don Thibeau, The OpenID Foundation, with Jeremy Crawford, CEO, Real Estate Standards Organization   One of the sure signs of increasing momentum is when other standards organizations adopt yours. And it’s particularly noteworthy when that adoption not only builds on OpenID Connect, but adds OpenID Connect conformance compliance as part […]

OpenID Implementer’s Drafts of Four MODRNA Specifications Approved

The OpenID Foundation membership has approved these specifications as OpenID Implementer’s Drafts. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. OpenID Connect MODRNA Authentication Profile 1.0 OpenID Connect Account Porting OpenID Connect User Questioning API 1.0 OpenID Connect MODRNA […]

Examples added to OpenID Connect Token Bound Authentication spec

OpenID Connect Token Bound Authentication 1.0 draft 01 adds examples showing the flows in action. Thanks to Brian Campbell for adding them! This draft also adds a Security Considerations paragraph describing that additional security tokens can also be token bound, including cookies, access tokens, refresh tokens, and authorization codes. This […]

Guest Blog: Reaching the Age of Consent

In the past year, consent for the release of attributes, and more generally for personal information items, has become a highly active area of Internet identity. Drivers are numerous, including GDPR, the new draft of NIST 800-63-3, and the challenges R&E federations are facing in attribute release. While policy regulations […]