Final Specification


Public Review Period for Proposed Final OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core Specification

The OpenID MODRNA Working Group recommends approval of the following specification as an OpenID Final Specification: OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public […]


FAPI 1.0 Part 1 and Part 2 are now Final Specifications

The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Final Specifications: Financial-grade API 1.0 – Part 1: Baseline Security Profile Financial-grade API 1.0 – Part 2: Advanced Security Profile A Final Specification provides intellectual property protections to implementers of the specification and is not subject […]


Notice of Vote for Proposed Final FAPI 1.0 Part 1 and Part 2 Specifications

The official voting period will be between Tuesday, December 29, 2020 and Tuesday, January 5, 2021, once the 60-day review of the specifications has been completed. For the convenience of members, voting will actually begin on Monday, December 7, 2020 for members who have completed their reviews by then, with […]


Public Review Period for Proposed Final FAPI 1.0 Part 1 and Part 2 Specifications

The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Final Specifications: Financial-grade API – Part 1: Baseline Security Profile Financial-grade API – Part 2: Advanced Security Profile A Final Specification provides intellectual property protections to implementers of the specification and is not subject to […]


Final OAuth 2.0 Form Post Response Mode Specification Approved

The OAuth 2.0 Form Post Response Mode specification has been approved as a Final Specification by a vote of the OpenID Foundation members. A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This specification defines how to return OAuth 2.0 […]


Final OpenID 2.0 to OpenID Connect Migration Specification Approved

The OpenID 2.0 to OpenID Connect Migration specification has been approved as a Final Specification by a vote of the OpenID Foundation members. A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This specification defines how to migrate from OpenID […]


Vote to approve final OAuth 2.0 Form Post Response Mode specification

The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification: OAuth 2.0 Form Post Response Mode 1.0 – Defines how to return OAuth 2.0 Authorization Response parameters (including OpenID Connect Authentication Response parameters) using HTML form values that are auto-submitted by the User Agent […]


Review of proposed final OAuth 2.0 Form Post Response Mode specification

The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification: OAuth 2.0 Form Post Response Mode 1.0 – Defines how to return OAuth 2.0 Authorization Response parameters (including OpenID Connect Authentication Response parameters) using HTML form values that are auto-submitted by the User Agent […]


Review of proposed final OpenID 2.0 to OpenID Connect Migration specification

The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification: OpenID 2.0 to OpenID Connect Migration 1.0 – Defines how to migrate from OpenID 2.0 to OpenID Connect A Final Specification provides intellectual property protections to implementers of the specification and is not subject […]


Errata to OpenID Connect Specifications Approved 1

Errata to the following specifications have been approved by a vote of the OpenID Foundation members: OpenID Connect Core 1.0 – Defines the core OpenID Connect functionality: authentication built on top of OAuth 2.0 and the use of Claims to communicate information about the End-User OpenID Connect Discovery 1.0 – […]