OIDF submits comments on CFPB Data Rights Rule
The OpenID Foundation (OIDF) has submitted comments to the Consumer Financial Protection Bureau (CFPB) regarding the reconsideration of Rule 1033 on personal financial data rights. The OpenID Foundation brings expertise from working with open banking implementations across 12 global ecosystems. This submission represents the Foundation’s third response to this regulation, after providing comments in December […]
PRESS RELEASE: OpenID Foundation finalizes global standards for real-time identity security
Industry wide adoption of standardized security event sharing now possible. Three specifications to enable instant security coordination across all connected systems worldwide. This crucial development will make Zero Trust architectures achievable at global scale. San Ramon, CA, 16 September 2025 – The OpenID Foundation (OIDF), a global leader in open identity standards, has approved […]
How SSF/CAEP and STIX/TAXII Secure Different Fronts
By Shared Signals Framework WG Contributor, Apoorva Deshpande, Okta In the realm of cybersecurity, there are two critical sets of frameworks that serve distinct yet vital roles in how organizations share and act upon security information – the Shared Signals Framework (SSF), with its Continuous Access Evaluation Protocol (CAEP), and the Trusted Automated eXchange of […]
Strengthening cloud identity through open standards
The OpenID Foundation’s perspective on secure digital infrastructure The blog post released today by the Cybersecurity and Infrastructure Security Agency (CISA) Securing Core Cloud Identity Infrastructure: Addressing Advanced Threats through Public-Private Collaboration outlines vulnerabilities in cloud identity infrastructure and the urgent need to address these challenges. We applaud CISA’s call for public-private collaboration, and their […]
Scaling FAPI 2.0 to Transform Healthcare Security in Norway
The OpenID Foundation is proud to spotlight a significant achievement in secure healthcare ecosystems: the implementation of the FAPI 2.0 security profile across the entire Norwegian Health Network (NHN) via the new HelseID service. The OpenID Foundation is also very pleased to share that the NHN has decided to become a member of its community. […]
OpenID Foundation takes the stage at Identiverse 2025
Scaling interop, tackling delegated authority, and expanding global reach The OpenID Foundation Board was proud to present its ‘Take on the Landscape’ session on June 2, 2025, at Identiverse. Moderated by Executive Director Gail Hodges, the panel explored the OpenID Foundation’s rapidly expanding impact across the identity ecosystem, from scaled up interoperability testing to critical […]
Juggling with fire made easier: Provisioning with SCIM
Mike Kiser and Jen Schreiber Beyond the immediate promise of the Shared Signals Framework in managing live sessions through CAEP events, an event-based approach offers a compelling path forward for addressing longer-term identity challenges. One such challenge is identity lifecycle management, or provisioning and deprovisioning. Challenges of provisioning Many underestimate the challenges of provisioning; for […]
Shared Signals Framework: The Blueprint for Modern IAM Part 1 of 4
Author: Sean O’Dell The December 2024 Gartner IAM CAEP Interop event in Dallas was a huge success with numerous companies showcasing their adoption, continued investment and interest in the Shared Signals Framework. That said, it is time to release this series of blog posts diving deeper into Shared Signals and its applicability in the greater […]
Webinar on IPSIE secures more than 300 registrations
More than 300 identity security leaders and identity professionals registered for a recent webinar where our Executive Director Gail Hodges discussed with industry experts Jeff Reich, Dean H. Saxe, Aaron Parecki and George Fletcher, how enterprises can achieve secure, interoperable identity management using multiple standards, new enterprise interoperability profiles to strengthen security and streamline identity […]
Notice of a Security Vulnerability
The OpenID Foundation is committed to maintaining the highest security standards in identity protocols and takes security research seriously. As our specifications move towards final, we engage security researchers to conduct a rigorous security analysis and identify any vulnerabilities in the specifications. During a formal analysis of OpenID Federation, a security vulnerability was discovered relating […]