Public Review Period for Proposed Final FAPI 2.0 Security Profile and Attacker Model Specifications

Published December 9, 2024

The OpenID Foundation’s FAPI Working Group recommends approval of the following specifications as OpenID Final Specifications.

A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for the specification draft in accordance with the OpenID Foundation IPR policies and procedures. Unless issues are identified during the review that the working group believes must be addressed by revising the draft, this review period will be followed by a seven-day voting period during which OpenID Foundation members will vote on whether to approve this draft as an OpenID Final Specification. For the convenience of members, voting will actually begin a week before the start of the official voting period for members who have completed their reviews by then.

The relevant dates are:

  • Final Specification public review period: Monday, December 9, 2024 to Friday, February 7, 2025 (60 days)
  • Final Specification vote announcement: Saturday, January 25, 2025
  • Final Specification early voting opens: Saturday, February 1, 2025 *
  • Final Specification voting period: Saturday, February 8, 2024 to Saturday, February 15, 2025 (7 days)*

* Note: Early voting before the start of the formal voting will be allowed.

The FAPI Working Group page is https://openid.net/wg/fapi/. Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration. If you’re not a current OpenID Foundation member, please consider joining to participate in the approval vote.

You can send feedback on the specifications in a way that enables the working group to act upon it by (1) signing the OIDF Contribution Agreement at https://openid.net/intellectual-property/ to join the work group, (2) joining the work group mailing list at openid-specs-fapi@lists.openid.net, and (3) sending your feedback to the list. 

Marie Jordan – OpenID Foundation Board Secretary

About The OpenID Foundation (OIDF)

The OpenID Foundation (OIDF) is a global open standards body committed to helping people assert their identity wherever they choose. Founded in 2007, we are a community of technical experts leading the creation of open identity standards that are secure, interoperable, and privacy preserving. The Foundation’s OpenID Connect standard is now used by billions of people across millions of applications. In the last five years, the Financial Grade API has become the standard of choice for Open Banking and Open Data implementations, allowing people to access and share data across entities. Today, the OpenID Foundation’s standards are the connective tissue to enable people to assert their identity and access their data at scale, the scale of the internet, enabling “networks of networks” to interoperate globally. Individuals, companies, governments and non-profits are encouraged to join or participate. Find out more at openid.net.



Tagged