Latest News

News about the OpenID Foundation and the community at large

Announcing the Final Draft “Government-Issued Digital Credentials and the Privacy Landscape”

The OpenID Foundation is pleased announce the final publication of the white paper on “Government-Issued Identity Credentials and the Privacy Landscape,” published here (https://openid.net/Government-issued-Digital-Credentials-and-the-Privacy-Landscape-Final). The Foundation joins with five other non-profits (the Kantara Initiative, ID4Africa, Open Identity Exchange, Secure Identity Alliance, Better Identity Coalition, and the Trust Over IP Foundation)

Read More »

Second Implementer’s Draft of OpenID for Verifiable Presentations Specification Approved

Second Implementer’s Draft of OpenID for Verifiable Presentations Specification Approved The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID for Verifiable Presentations An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the

Read More »

Public Review Period for Proposed Second Implementer’s Draft of OpenID for Verifiable Presentations Specification

The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID for Verifiable Presentations This would be the second Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This

Read More »

2023 OpenID Foundation Board of Directors Election Results

I want to personally thank all Foundation members who voted in the 2023 elections for representatives to the OpenID Foundation board of directors. Each year Corporate members of the Foundation elect a member to represent them on the board with all Corporate members in good standing eligible to nominate and

Read More »

Second Implementer’s Drafts of Two FAPI 2.0 Specifications Approved

The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the second FAPI 2.0 Implementer’s

Read More »

Second Implementer’s Drafts of Two FAPI 2.0 Specifications Approved

The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the second FAPI 2.0 Implementer’s

Read More »

Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps Approved

The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect Native SSO for Mobile Apps 1.0 This is the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification.

Read More »

Initiating User Registration via OpenID Connect is now a Final Specification

The OpenID Foundation membership has approved the following OpenID Connect specification as an OpenID Final Specification: Initiating User Registration via OpenID Connect A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available at: https://openid.net/specs/openid-connect-prompt-create-1_0-final.html The voting

Read More »

Unmet Authentication Requirements is now a Final Specification

The OpenID Foundation membership has approved the following OpenID Connect specification as an OpenID Final Specification: OpenID Connect Core Error Code unmet_authentication_requirements A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available at: https://openid.net/specs/openid-connect-unmet-authentication-requirements-1_0-final.html The voting

Read More »

Public Review Period for Two Proposed FAPI 2.0 Second Implementer’s Drafts

The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public

Read More »

Fourth Implementer’s Draft of OpenID Connect for Identity Assurance Specification Approved

The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the fourth Implementer’s Draft of this specification. This specification

Read More »

The OpenID Connect Logout specifications are now Final Specifications

The OpenID Foundation membership has approved the following OpenID Connect specifications as OpenID Final Specifications: OpenID Connect Session Management 1.0 OpenID Connect Front-Channel Logout 1.0 OpenID Connect Back-Channel Logout 1.0 OpenID Connect RP-Initiated Logout 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not

Read More »

Public Review Period for Proposed Final JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) Specification

The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Final Specification: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the

Read More »

Second Implementer’s Draft of RISC Profile Approved

The OpenID Foundation membership has approved the following Shared Signals and Events (SSE) specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. The Implementer’s Draft is available at: https://openid.net/specs/openid-risc-profile-specification-1_0-ID2.html

Read More »

Public Review Period for Proposed Final OpenID Connect Logout Specifications

The OpenID OpenID Connect Working Group recommends approval of the following specifications as OpenID Final Specifications: OpenID Connect Session Management 1.0 OpenID Connect Front-Channel Logout 1.0 OpenID Connect Back-Channel Logout 1.0 OpenID Connect RP-Initiated Logout 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is

Read More »

Public Review Period for Second Proposed RISC Profile Implementer’s Draft

The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public

Read More »

First Implementer’s Drafts of OpenID Connect SIOPV2 and OIDC4VP Specifications Approved

The OpenID Foundation membership has approved the following specifications as OpenID Implementer’s Drafts: Self-Issued OpenID Provider v2 OpenID Connect for Verifiable Presentations An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the first Implementer’s Drafts of these specifications.

Read More »

First Implementer’s Draft of Initiating User Registration via OpenID Connect Approved

The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: Initiating User Registration via OpenID Connect An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the first Implementer’s Draft of this specification. This specification

Read More »

First Public Review Period for OpenID Connect SIOPV2 and OIDC4VP Specifications Started

The OpenID Connect Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: Self-Issued OpenID Provider v2 OpenID Connect for Verifiable Presentations These would be the first Implementer’s Drafts of these specifications. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers

Read More »

The OpenID Foundation Welcomes Visa to the Board of Directors

The OpenID Foundation is pleased to welcome David Henstock, Head of Identity Products at Visa to the board of directors as a sustaining member. Visa joins an accomplished group of identity thought leaders including, Cisco, Google, KDDI, Microsoft, NRI Secure, Okta, Ping Identity, Verizon and Yahoo Ad Tech. The Board

Read More »

Third Implementer’s Draft of OpenID Connect Federation Specification Approved

The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect Federation 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the third Implementer’s Draft of this specification. This specification is a

Read More »

Third Implementer’s Draft of OpenID Connect for Identity Assurance Specification Approved

The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the third Implementer’s Draft of this specification. This specification

Read More »

Implementer’s Draft of FAPI Grant Management Approved

The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. The Implementer’s Draft is available at: https://openid.net/specs/fapi-grant-management-ID1.html The voting

Read More »

Third Public Review Period for OpenID Connect Federation Specification Started

The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID Connect Federation 1.0 This would be the third Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This

Read More »

OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core is now a Final Specification

The OpenID Foundation membership has approved the following MODRNA specification as an OpenID Final Specification: OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available at: https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0-final.html

Read More »

Implementer’s Drafts of Two SSE Specifications Approved

The OpenID Foundation membership has approved the following Shared Signals and Events (SSE) specifications as OpenID Implementer’s Drafts: OpenID Shared Signals and Events Framework Specification OpenID Continuous Access Evaluation Profile An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These

Read More »

Implementer’s Drafts of Two FAPI 2.0 Specifications Approved

The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Baseline Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the first FAPI 2.0 Implementer’s

Read More »

Public Review Period for Proposed FAPI Grant Management Implementer’s Draft

The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review period

Read More »

Public Review Period for Proposed RISC Profile Implementer’s Draft

The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: OpenID RISC Profile Specification An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review

Read More »

Public Review Period for Proposed Final OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core Specification

The OpenID MODRNA Working Group recommends approval of the following specification as an OpenID Final Specification: OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public

Read More »

Public Review Period for Two Proposed SSE Implementer’s Drafts

The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: OpenID Shared Signals and Events Framework Specification OpenID Continuous Access Evaluation Profile An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification.

Read More »

Public Review Period for Two Proposed FAPI 2.0 Implementer’s Drafts

The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: FAPI 2.0 Baseline Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public

Read More »

Welcoming Gail Hodges as Our New Executive Director

The OpenID Foundation is thrilled to welcome Gail Hodges as the new Executive Director of the OpenID Foundation. Those of you who already know Gail know that she’s passionate about enabling digital identity to serve the public good. She has extensive experience both in the digital identity space – for

Read More »

The 7 Laws of Identity Standards

The OpenID Foundation is proud to participate in the first ever ‘Identity Management Day,’ an annual awareness event that will take place on the second Tuesday in April each year. The inaugural Identity Management Day is April 13, 2021. Founded by the Identity Defined Security Alliance (IDSA), the mission of Identity Management Day

Read More »

Guest Blog: SecureAuth’s OpenID Foundation Membership Drives Interoperability and Authentication for Customer Identity Security Across Cloud and Mobile

Today, SecureAuth is an official member of the OpenID Foundation a non-profit international standardization organization committed to enabling, promoting and protecting OpenID technologies. As a distinguished member of the Foundation, SecureAuth also now has a voice in the elections for the governing body. SecureAuth Innovation Labs is dedicated to actively

Read More »

FAPI 1.0 Part 1 and Part 2 are now Final Specifications

The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Final Specifications: Financial-grade API 1.0 – Part 1: Baseline Security Profile Financial-grade API 1.0 – Part 2: Advanced Security Profile A Final Specification provides intellectual property protections to implementers of the specification and is not subject

Read More »

The Identity, Unlocked “eKYC with Mark Haine” Podcast Now Live

The OpenID Foundation is pleased to sponsor the Identity, Unlocked podcast. This week’s episode “eKYC with Mark Haine” features host Vittorio Bertocci and special guest Mark Haine. The episode focuses on the work of the OpenID Foundation’s eKYC & Identity Assurance Working Group. Mark Haine is the Director at considrd.consulting

Read More »

Ministry of Economy, Trade and Industry and OpenID Foundation in Liaison Agreement on eKYC & IDA for Legal Entities

The OpenID Foundation (OIDF), the international standards development organization which maintains the OpenID Connect for Identity Assurance (OIDC4IDA) standard, and the Japanese Government’s Ministry of Economy, Trade and Industry (METI) have signed a liaison agreement to work together. Under the agreement, METI will lead policy efforts to implement identity assurance

Read More »

First Implementer’s Drafts of Three FastFed Specifications Approved

The OpenID Foundation membership has approved the following Fast Federation (FastFed) specifications as OpenID Implementer’s Drafts: FastFed Core 1.0 FastFed Basic SAML Profile 1.0 FastFed Basic SCIM Profile 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are

Read More »

Second Implementer’s Draft of OpenID Connect User Questioning API Specification Approved

The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect User Questioning API 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the second Implementer’s Draft of this specification. This specification

Read More »