FAPI


OpenID Certification Program Expands with the Release of Financial-grade API Client Initiated Backchannel Authentication Profile (FAPI-CIBA) Certification

The OpenID Foundation announced today its expansion of the OpenID Certification program with conformance testing and self-certification of Financial-grade API Client Initiated Backchannel Authentication Profile (FAPI-CIBA) OpenID Providers. The ability to self-certify FAPI-CIBA implementations builds on the availability and success of Financial-grade API (FAPI) certifications whereby a number of vendors […]


Implementer’s Draft of FAPI Client Initiated Backchannel Authentication (CIBA) Profile Approved

The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: Financial-grade API: Client Initiated Backchannel Authentication Profile An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the first Implementer’s Draft of this specification. This […]


Notice of Vote for Implementer’s Draft of FAPI Client Initiated Backchannel Authentication (CIBA) Profile

The official voting period will be between Friday, August 16 and Friday, August 23, 2019, following the 45 day review of the specification. For the convenience of members, voting will actually open early on Friday, August 9, providing for a two-week voting period. The FAPI working group page is https://openid.net/wg/fapi/. […]


Financial Data and Technology Association and OpenID Foundation in Global Agreement

Not-for-profits to campaign jointly on open finance initiatives The OpenID Foundation (OIDF), the international standardisation organisation which maintains a standard known as the Financial-grade API (FAPI), and the Financial Data and Technology Association (FDATA Global), the global trade association for companies working to promote ‘open finance’ and best practise financial […]


Financial Data Exchange, OpenID Foundation Take Step Towards Global Standard for Financial Data Sharing

The Financial Data Exchange (FDX) and the OpenID Foundation (OIDF) have announced an agreement to collaborate in order to advance a common technical standard for the secure exchange of consumer financial information. As online banking evolves and fintech apps grow in popularity, consumers increasingly wish to share their personal account, […]


Guest Blog: Formal Analysis of the OpenID Financial-grade API

Guest blog post by Daniel Fett (yes.com), Pedram Hosseyni, and Ralf Küsters (University of Stuttgart). The security of a web protocol is crucial, especially in the domain of financial applications and in other high-stakes environments. For identifying weaknesses in protocols and ensuring security, formal protocol analysis is the state-of-the-art method. […]


OpenID Certification Program Expansion and Fee Update

The OpenID Foundation launched the OpenID Certification Program in 2015. The Program enables organizations to certify that their OpenID Connect implementations conform to specified profiles of the OpenID Connect standard. The certification program is a tool to help ensure that implementations by different parties will interoperate. It provides assurance to […]


Implementer’s Drafts of Three FAPI Specifications Approved

The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: Financial-grade API — Part 1: Read Only API Security Profile Financial-grade API — Part 2: Read & Write API Security Profile Financial-grade API — JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) An […]


Notice of Vote for Implementer’s Drafts of Three FAPI Specifications

The official voting period will be between Tuesday, October 15, 2018 and Tuesday, October 22, 2018, following the 45 day review of the specification. For the convenience of members, voting will actually open on Tuesday, October 8, 2018 for members who have completed their reviews by then, with the voting […]


FAPI WG recommends the Part 1, 2 and JARM drafts for the implementer’s draft – Public review period has started

The OpenID OpenID Financial-grade API Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: Financial-grade API — Part 1: Read Only API Security Profile  Financial-grade API — Part 2: Read & Write API Security Profile Financial-grade API — JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)  An […]