Public Review Period for Proposed Second Implementer’s Draft of Grant Management for OAuth 2.0

The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 This would be the second Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts […]

What are the differences between FAPI 1.0 and FAPI 2.0 and what do they mean to you?

Last updated: February 2023. In one paragraph, FAPI 1.0 Advanced is secure, stable, and complete Final Specification with a certification test suite while FAPI 2.0 is still in development so new features can be incorporated. FAPI 2.0 Security Profile has been through a formal security analysis in the same way as FAPI 1.0 Advanced, but […]

OpenID: Now more powerful and easier to use!

Google, Yahoo!, and MySpace have launched support for the OpenID OAuth Hybrid Protocol, which combines OpenID authentication (sign in) with OAuth authorization (access control) into a single interface. Websites that accept OpenID can now let the hundreds of millions of users who already have either a MySpace, Google, or Yahoo! account sign in and enable […]