openid


OpenID Foundation Launches New Microsite Focused on Open Banking and Fintech Developers

The OpenID Foundation has launched a new microsite focused on global open banking initiatives and providing resources for fintech developers implementing the Foundation’s Financial-grade API (FAPI). In 2017, the OpenID Foundation’s Financial-grade API (FAPI) Working Group published specifications enabling high-security API access, suitable for accessing financial data and facilitating financial […]


Registration Open for OpenID Foundation Workshop at Verizon Media on Monday, April 29, 2019

OpenID Foundation Workshops provide insight and influence on important Internet identity standards. The workshops provide updates on the work happening within OpenID Foundation working groups as well as updates on the OpenID Certification Program. Leading technologists from Verizon Media, Google, Microsoft, Amazon, Yubico, Verizon and others will update key issues […]


The UK Open Banking Implementation Entity Adopts the OpenID Foundation Financial-Grade API (FAPI) Specification & Certification Program

The 2018 Identiverse Conference provided a timely catalyst for representatives of the OpenID Foundation and the UK Open Banking Implementation Entity (OBIE) to announce their collaboration on the Financial-grade API (FAPI) specification. The Identiverse stage provided an ideal venue to emphasize the importance of building on the award winning OpenID Certification […]


The OpenID Foundation Launches the OpenID Connect Standard 27

Providing Increased Security, Usability, and Privacy on the Internet RSA 2014 and Mobile World Congress- San Francisco, CA, and Barcelona, Spain – Feb. 26, 2014 – The OpenID Foundation announced today that its membership has ratified the OpenID Connect standard.  Organizations and businesses can now use OpenID Connect to develop […]


Vulnerability Alert – OpenID 2.0 Implementations Vulnerabilities found in some OPs 5

Please be advised a number of OpenID Authentication 2.0 server implementations were found to be vulnerable due to non-compliance to the normative requirements of the OpenID Authentication 2.0 specification. The nature of the vulnerability In section 11.4.2.1 of the OpenID Authentication 2.0, it is stated that “For verifying signatures an […]


Second OpenID Connect Implementer’s Drafts Approved 7

The OpenID membership has approved the following specifications as OpenID Implementer’s Drafts in the vote held from July 23 and July 30, 2013: Basic Client Profile – Simple, self-contained profile for a Web-based Relying Parties using the OAuth code flow. Implicit Client Profile – Simple, self-contained profile for a Web-based […]


OpenID Connect Implementer’s Drafts Approved 7

The OpenID membership has approved the following specifications as OpenID Implementer’s Drafts in the vote held from February 7th to 15th, 2012: • Basic Client Profile – Simple self-contained specification for a web-based Relying Party. (This spec contains a subset of the information in Messages and Standard.) • Discovery – Defines […]