OIDF applauds new FIDO and Shared Signals whitepaper
The OpenID Foundation welcomes the publication of a new whitepaper from the FIDO Alliance that examines how FIDO authentication and the Shared Signals Framework (SSF) work together to address enterprise security challenges. We recognize the significant effort by the FIDO Enterprise Deployment Working Group to illustrate how aligned our specifications are, and we welcome the […]
PRESS RELEASE: OpenID Foundation finalizes global standards for real-time identity security
Industry wide adoption of standardized security event sharing now possible. Three specifications to enable instant security coordination across all connected systems worldwide. This crucial development will make Zero Trust architectures achievable at global scale. San Ramon, CA, 16 September 2025 – The OpenID Foundation (OIDF), a global leader in open identity standards, has approved […]
How SSF/CAEP and STIX/TAXII Secure Different Fronts
By Shared Signals Framework WG Contributor, Apoorva Deshpande, Okta In the realm of cybersecurity, there are two critical sets of frameworks that serve distinct yet vital roles in how organizations share and act upon security information – the Shared Signals Framework (SSF), with its Continuous Access Evaluation Protocol (CAEP), and the Trusted Automated eXchange of […]
Three Shared Signals Final Specifications Approved
The OpenID Foundation membership has approved the following three specifications as an OpenID Final Specifications: OpenID Shared Signals Framework: https://openid.net/specs/openid-sharedsignals-framework-1_0-final.html OpenID CAEP: https://openid.net/specs/openid-caep-1_0-final.html OpenID RISC: https://openid.net/specs/openid-risc-1_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. These three Final Specifications are the product of the OpenID Shared […]
Juggling with fire made easier: Provisioning with SCIM
Mike Kiser and Jen Schreiber Beyond the immediate promise of the Shared Signals Framework in managing live sessions through CAEP events, an event-based approach offers a compelling path forward for addressing longer-term identity challenges. One such challenge is identity lifecycle management, or provisioning and deprovisioning. Challenges of provisioning Many underestimate the challenges of provisioning; for […]
Shared Signals Framework: The Blueprint for Modern IAM Part 1 of 4
Author: Sean O’Dell The December 2024 Gartner IAM CAEP Interop event in Dallas was a huge success with numerous companies showcasing their adoption, continued investment and interest in the Shared Signals Framework. That said, it is time to release this series of blog posts diving deeper into Shared Signals and its applicability in the greater […]
Second Implementer’s Draft of RISC Profile Approved
The OpenID Foundation membership has approved the following Shared Signals and Events (SSE) specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. The Implementer’s Draft is available at: https://openid.net/specs/openid-risc-profile-specification-1_0-ID2.html The voting results were: Approve […]
Notice of Vote for Second Proposed RISC Profile Implementer’s Draft
The official voting period will be between Saturday, August 20, 2022 and Saturday, August 27, 2022, once the 45-day review of the specification has been completed. For the convenience of members, voting will actually begin on Friday, August 12, 2022 for members who have completed their reviews by then, with the voting period ending on […]
Public Review Period for Second Proposed RISC Profile Implementer’s Draft
The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review period for the specification […]
Public Review Period for Proposed RISC Profile Implementer’s Draft
The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review period for the specification draft […]