Tag Archives : OpenID Connect


Notice of Vote for Implementer’s Drafts of Four MODRNA Specifications

The official voting period will be between Friday, April 21 and Friday, April 28, 2017, following the 45 day review of the specifications. For the convenience of members, voting will actually open a week before this on Friday, April 14 for members who have completed their reviews by then, with […]


OpenID Connect Logout Implementer’s Drafts Approved

The OpenID Foundation membership has approved these specifications as OpenID Implementer’s Drafts. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. Session Management – Defines how to manage OpenID Connect sessions, including postMessage-based logout functionality Front-Channel Logout – Defines a […]


Notice of Vote for Implementer’s Drafts of OpenID Connect Logout Specifications

The official voting period will be between Tuesday, March 21 and Tuesday, March 28, 2017, following the 45 day review of the specification. For the convenience of members, voting will actually open a week before Tuesday, March 21 on Tuesday, March 14 for members who have completed their reviews by […]


OpenID Connect Relying Party Certification Adoption

The adoption of the new OpenID Connect Relying Party (RP) Certification has exceeded our expectations – especially the surprising number of early adopters who tested a wide variety of implementations. The tests were improved at an accelerating rate, with many organizations actively “testing the tests”. All of the OpenID Foundation’s […]


Review of Proposed Implementer’s Drafts of OpenID Connect Logout Specifications

The OpenID Connect Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: Session Management – Defines how to manage OpenID Connect sessions, including postMessage-based logout functionality Front-Channel Logout – Defines a front-channel logout mechanism that does not use an OP iframe on RP pages Back-Channel Logout – […]


Initial OpenID Connect Enhanced Authentication Profile (EAP) Specifications

The OpenID Enhanced Authentication Profile (EAP) working group charter states that: The purpose of this working group is to develop a security and privacy profile of the OpenID Connect specifications that enable users to authenticate to OpenID Providers using strong authentication specifications. The resulting profile will enable use of IETF […]


Preventing Mix-Up Attacks with OpenID Connect   Recently updated !

Recently the OAuth community has been concerned with some attack vectors around mixed up clients, particularly when dynamic client registration and discovery are used with user-selected OpenID Providers. Broadly, the attacks consist of using dynamic client registration, or the compromise of an OpenID Provider (OP), to trick the Relying Party […]


Building on What’s Built: OpenID Certification Momentum

At the OpenID Certification Launch in April 2015, 6 organizations had certified 8 OpenID Connect Provider implementations for 21 conformance profiles. Now, as you can see at http://openid.net/certification/, 14 organizations and individuals have certified 16 OpenID Connect Provider implementations for 48 conformance profiles. The OpenID Foundation has championed self-certification as […]


Announcing the OIDF iGov Working Group

A recent US NIST announcement describes the newly formed OIDF International Government Assurance Profile (iGov) Working Group which is an international public and private sector collaboration that will develop an interoperable profile of OpenID Connect to allow users to authenticate and share consented attribute information in a consistent and user-centric […]


The Path Forward for Self-Certification

The increasing adoption of OpenID Connect deployments has required the OpenID Foundation to develop new certification models that support the practical business, legal and technical realities of today’s Internet scale deployments. Throughout 2015, the pilot phase of OpenID Connect self-certification has been testing the efficiencies, cost effectiveness and trustworthiness of […]