Top firms test interoperability of final SSF and CAEP
The OpenID Foundation and hosting partner FIDO Alliance brought together implementers of the newly finalized Shared Signals Framework (SSF) and Continuous Access Evaluation Profile (CAEP) specifications to demonstrate interoperability at the Authenticate 2025 conference in Carlsbad, California, earlier this month (October 13-15, 2025). The Shared Signals Framework (SSF) and Continuous Access Evaluation Profile (CAEP) enable […]
PRESS RELEASE: OpenID Foundation finalizes global standards for real-time identity security
Industry wide adoption of standardized security event sharing now possible. Three specifications to enable instant security coordination across all connected systems worldwide. This crucial development will make Zero Trust architectures achievable at global scale. San Ramon, CA, 16 September 2025 – The OpenID Foundation (OIDF), a global leader in open identity standards, has approved […]
How SSF/CAEP and STIX/TAXII Secure Different Fronts
By Shared Signals Framework WG Contributor, Apoorva Deshpande, Okta In the realm of cybersecurity, there are two critical sets of frameworks that serve distinct yet vital roles in how organizations share and act upon security information – the Shared Signals Framework (SSF), with its Continuous Access Evaluation Protocol (CAEP), and the Trusted Automated eXchange of […]
Three Shared Signals Final Specifications Approved
The OpenID Foundation membership has approved the following three specifications as an OpenID Final Specifications: OpenID Shared Signals Framework: https://openid.net/specs/openid-sharedsignals-framework-1_0-final.html OpenID CAEP: https://openid.net/specs/openid-caep-1_0-final.html OpenID RISC: https://openid.net/specs/openid-risc-1_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. These three Final Specifications are the product of the OpenID Shared […]
Shared Signals interop event at Authenticate 2025: Call for participation
The OpenID Foundation is excited to announce the first interoperability event testing against the soon-to-be-final Shared Signals Framework (SSF) specification at Authenticate 2025. This event will demonstrate interoperability on the final specification, after the membership votes on it as being ‘final’ by end of August), as per OIDF Process Document. It will serve as the […]
Notice of Vote to Approve Three Shared Signals Final Specifications
The two-week voting period will be between Monday, August 15, 2025 and Monday, August 29, 2025, once the 60 day review of the specification has been completed. The OpenID Shared Signals Working Group page is https://openid.net/wg/sharedsignals/. If you’re not already a member, or if your membership has expired, please consider joining to participate in the approval […]
Strengthening cloud identity through open standards
The OpenID Foundation’s perspective on secure digital infrastructure The blog post released today by the Cybersecurity and Infrastructure Security Agency (CISA) Securing Core Cloud Identity Infrastructure: Addressing Advanced Threats through Public-Private Collaboration outlines vulnerabilities in cloud identity infrastructure and the urgent need to address these challenges. We applaud CISA’s call for public-private collaboration, and their […]
OpenID Foundation takes the stage at Identiverse 2025
Scaling interop, tackling delegated authority, and expanding global reach The OpenID Foundation Board was proud to present its ‘Take on the Landscape’ session on June 2, 2025, at Identiverse. Moderated by Executive Director Gail Hodges, the panel explored the OpenID Foundation’s rapidly expanding impact across the identity ecosystem, from scaled up interoperability testing to critical […]
Juggling with fire made easier: Provisioning with SCIM
Mike Kiser and Jen Schreiber Beyond the immediate promise of the Shared Signals Framework in managing live sessions through CAEP events, an event-based approach offers a compelling path forward for addressing longer-term identity challenges. One such challenge is identity lifecycle management, or provisioning and deprovisioning. Challenges of provisioning Many underestimate the challenges of provisioning; for […]
How AuthZEN, and Shared Signals & CAEP complement each other
Most cyber attacks leverage identities. These standards are our best defense against such attacks. Co-authored by Atul Tulshibagwale, CTO of SGNL, Co-chair of Shared Signals Working Group, and Corporate Board Member of OpenID Foundation, and Omri Gazitt, co-founder & CEO of Aserto and co-chair of AuthZEN Working Group. These days, most cyber attacks compromise employee […]