OpenID Foundation Launches New Microsite Focused on Open Banking and Fintech Developers
The OpenID Foundation has launched a new microsite focused on global open banking initiatives and providing resources for fintech developers implementing the Foundation’s Financial-grade API (FAPI). In 2017, the OpenID Foundation’s Financial-grade API (FAPI) Working Group published specifications enabling high-security API access, suitable for accessing financial data and facilitating financial transactions. In 2018, the UK […]
Apple Successfully Implements OpenID Connect with Sign In with Apple
September 30, 2019 Mr. Craig Federighi Apple Senior Vice President of Software Engineering One Apple Park Way Cupertino, CA 95014 RE: Apple Successfully Implements OpenID Connect with Sign In with Apple Dear Mr. Federighi, As you are likely aware, on behalf of the OpenID Foundation Board of Directors, I published an open letter to you […]
Registration Open for OpenID Foundation Workshop at Verizon Media on Monday, April 29, 2019
OpenID Foundation Workshops provide insight and influence on important Internet identity standards. The workshops provide updates on the work happening within OpenID Foundation working groups as well as updates on the OpenID Certification Program. Leading technologists from Verizon Media, Google, Microsoft, Amazon, Yubico, Verizon and others will update key issues and discuss how they help […]
The OpenID Foundation Launches the OpenID Connect Standard
Providing Increased Security, Usability, and Privacy on the Internet RSA 2014 and Mobile World Congress- San Francisco, CA, and Barcelona, Spain – Feb. 26, 2014 – The OpenID Foundation announced today that its membership has ratified the OpenID Connect standard. Organizations and businesses can now use OpenID Connect to develop secure, flexible, and interoperable identity […]
Vulnerability Alert – OpenID 2.0 Implementations Vulnerabilities found in some OPs
Please be advised a number of OpenID Authentication 2.0 server implementations were found to be vulnerable due to non-compliance to the normative requirements of the OpenID Authentication 2.0 specification. The nature of the vulnerability In section 11.4.2.1 of the OpenID Authentication 2.0, it is stated that “For verifying signatures an OP MUST only use private […]
Second OpenID Connect Implementer’s Drafts Approved
The OpenID membership has approved the following specifications as OpenID Implementer’s Drafts in the vote held from July 23 and July 30, 2013: Basic Client Profile – Simple, self-contained profile for a Web-based Relying Parties using the OAuth code flow. Implicit Client Profile – Simple, self-contained profile for a Web-based Relying Parties using the OAuth […]
Announcing the OpenID Backplane Protocol Work Group
For website owners, enabling web applications to talk to one another within the same web page can be frustrating and can take countless hours of development. How should apps communicate with each other in a meaningful way? The OpenID Foundation’s new Backplane Protocol Work Group is focused on this exact problem — helping website owners, […]
OpenID Connect Implementer’s Drafts Approved
The OpenID membership has approved the following specifications as OpenID Implementer’s Drafts in the vote held from February 7th to 15th, 2012: • Basic Client Profile – Simple self-contained specification for a web-based Relying Party. (This spec contains a subset of the information in Messages and Standard.) • Discovery – Defines how user and provider endpoints […]
REMINDER – OpenID “Connect Tech” Summit – September 12-13, 2011
The OpenID Foundation is launching its third OpenID Summits for 2011. This event is co-sponsored by Microsoft and will be held at the Microsoft Research Campus in Mountain View. The OpenID Foundation’s 2011 series of OpenID Summits focuses on use cases and topics of interest to key developers, executives and analysts in the online identity […]
Current Map for OpenID Connect
There is now a set of functionally complete specifications for OpenID Connect. The diagram below shows the relationships between the current specs and contains links to each of them. These specifications are ready for early developer feedback and prototype implementation work. Please send feedback on them to the OpenID Artifact Binding Working Group Mailing List. […]