As digital life now extends beyond our lifespans, most societies remain unprepared for what happens when people die or become incapacitated, leaving behind their online assets. A comprehensive new research paper is now open for public comment: “The Unfinished Digital Estate: Culture, Law, and Technology After Death.” This paper, published by the OpenID Foundation, addresses […] The post Whitepaper open for comment: The Unfinished Digital Estate: Culture, Law, and Technology After Deat...| OpenID Foundation
Supporting Australia’s Digital Trust Ecosystem The OpenID Foundation’s Australian Digital Trust Community Group (ADT CG) has submitted comments to Australia’s Productivity Commission on its Interim Report covering data and digital technology policy, demonstrating the Foundation’s commitment to supporting policy development in Australia through expert technical guidance and industry collaboration. The ADT CG serves as a […] The post Australian Digital Trust Community Group responds t...| OpenID Foundation
The voting period will be between Thursday, October 2, 2025 and Thursday, October 19, 2025, following the 45 day review of the specification. The OpenID Connect Working Group page is https://openid.net/wg/connect/. If you’re not already a member, or if your membership has expired, please consider joining to participate in the approval vote. Information on joining the OpenID Foundation […] The post Notice of Vote for Proposed Second Implementer’s Draft of OpenID Connect Native SSO for...| OpenID Foundation
The OpenID Foundation continues to support government partners, with the OpenID Foundation’s Chairman Nat Sakimura recently leading the organization’s expert guidance to Japan’s Financial Services Agency (FSA) on strengthening cybersecurity defences for securities and trading companies facing sophisticated phishing attacks. Japanese financial firms have been experiencing increasingly sophisticated phishing and unauthorized access attacks, prompting the […] The post OIDF supports Japan...| OpenID Foundation
The OpenID Foundation membership has approved the following as an OpenID Final Specification: OpenID for Verifiable Credential Issuance 1.0: https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This Final Specification is the product of the OpenID DCP Working Group. The voting results were: Approve […] The post OpenID for...| OpenID Foundation
Industry wide adoption of standardized security event sharing now possible. Three specifications to enable instant security coordination across all connected systems worldwide. This crucial development will make Zero Trust architectures achievable at global scale. San Ramon, CA, 16 September 2025 – The OpenID Foundation (OIDF), a global leader in open identity standards, has approved […] The post PRESS RELEASE: OpenID Foundation finalizes global standards for real-time identity securit...| OpenID Foundation
The OpenID Foundation will be holding a hybrid workshop on Mon 20th October 2025, just ahead of the Fall 2025 Internet Identity Workshop (IIW). (We are waiting on a discount code for OIDF members and will forward this ASAP!) This hybrid event will take place both in person at Cisco’s Santana Row offices in San Jose, […] The post Registration Open for OpenID Foundation Hybrid Workshop at Cisco on Mon 20th October 2025 first appeared on OpenID Foundation.| OpenID Foundation
Learn how SSF/CAEP enables real-time security responses while STIX/TAXII powers threat intelligence. Expert analysis by Okta's Apoorva Deshpande| OpenID Foundation - Helping people assert their identity wherever they choose
OpenID Connect RP-Initiated Logout 1.0| openid.net
OpenID Connect Dynamic Client Registration 1.0| openid.net
OpenID Connect Dynamic Client Registration 1.0 incorporating errata set 1| openid.net
Apache Server at openid.net Port 80| openid.net
The OpenID Foundation membership has approved the following three specifications as an OpenID Final Specifications: OpenID Shared Signals Framework: https://openid.net/specs/openid-sharedsignals-framework-1_0-final.html OpenID CAEP: https://openid.net/specs/openid-caep-1_0-final.html OpenID RISC: https://openid.net/specs/openid-risc-1_0-final.html A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. These...| OpenID Foundation
The two-week voting period will be between Wednesday, September 10, 2025 and Wednesday, September 24, 2025, once the 60 day review of the specification has been completed.The FAPI working group page: https://openid.net/wg/fapi. If you’re not already a member, or if your membership has expired, please consider joining to participate in the approval vote. Information on joining the| OpenID Foundation - Helping people assert their identity wherever they choose
Blog authored by Mark Haine.The OpenID Foundation submitted comments to the CFPB on the recent Open Banking rule 1033 on Friday, December 29, 2023. The cover note to the CFPB is provided in full below, and the detailed comments can be viewed here. We are proud to support the CFPB in their due diligence on this| OpenID Foundation - Helping people assert their identity wherever they choose
This document defines the Continuous Access Evaluation Profile (CAEP) of the Shared Signals Framework . It specifies a set of event types conforming to the Shared Signals Framework. These event types are intended to be used between cooperating Transmitters and Receivers such that Transmitters may send continuous updates using which Receivers can attenuate access to shared human or robotic users, devices, sessions and applications.| openid.net
State officials from 6 leading US states discuss mobile driver's license adoption, use cases, and resident satisfaction at the Federal mDL Industry Day.| OpenID Foundation - Helping people assert their identity wherever they choose
The AB/Connect working group is a combined working group of the Artifact Binding (AB) Working Group and the Connect Working Group aimed at producing the OAuth 2.0 based “OpenID Connect” specifications. It also includes a project named OpenID for Verifiable Credentials which consists of three specifications.| OpenID Foundation - Helping people assert their identity wherever they choose
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. This document describes a mechanism that allows a mobile app to share the identity/authentication obtained by a different mobile app where both apps are written by the same vendor and i...| openid.net
Public Review Period for Proposed Second Implementer’s Draft of OpenID Connect Native SSO for Mobile Apps The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft:OpenID Connect Native SSO for Mobile Apps 1.0This would be the second Implementer’s Draft of this specification.An Implementer’s Draft is a stable version of a specification| OpenID Foundation - Helping people assert their identity wherever they choose
OpenID Foundation announces SSF interoperability testing at Authenticate 2025, demonstrating final Shared Signals Framework specs for enhanced security.| OpenID Foundation - Helping people assert their identity wherever they choose
The two-week voting period will be between Monday, August 15, 2025 and Monday, August 29, 2025, once the 60 day review of the specification has been completed. The OpenID Shared Signals Working Group page is https://openid.net/wg/sharedsignals/. If you’re not already a member, or if your membership has expired, please consider joining to participate in the approval vote. Information| OpenID Foundation - Helping people assert their identity wherever they choose
OIDF leads discussion at IGF 2025 on balancing digital identity interoperability with sovereignty for developing countries, with ey insights on inclusion.| OpenID Foundation - Helping people assert their identity wherever they choose
Our mission is to lead the global community in creating digital identity standards that are secure, interoperable, and privacy-preserving.| OpenID Foundation - Helping people assert their identity wherever they choose
Financial-grade API - Part 2: Read and Write API Security Profile| openid.net
Financial-grade API - Part 1: Read-Only API Security Profile| openid.net
Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)| openid.net
Financial-grade API: Client Initiated Backchannel Authentication Profile| openid.net
OpenID Connect Dynamic Client Registration 1.0 incorporating errata set 2| openid.net
Work Groups are focused on a specific problem, technology, or opportunity. Members work to deliver a specification or profile according to a charter.| OpenID Foundation - Helping people assert their identity wherever they choose
This specification defines an API for the issuance of Verifiable Credentials.| openid.net
An intense and unforgettable two days for the OpenID Foundation at the March 2025 Gartner Identity & Access Management Summit in London.| OpenID Foundation - Helping people assert their identity wherever they choose
This paper explains the FAPI WG recommendations related to OAuth2 Grant Management and Rich Authorization Requests (RAR) to enable fine-grained authorization.| OpenID Foundation - Helping people assert their identity wherever they choose
The FAPI working group provides JSON data schemas, security and privacy recommendations and protocols to enable applications to utilize the data stored in a financial account, to enable applications to interact with a financial account, and enable users to control the security and privacy settings.| OpenID Foundation - Helping people assert their identity wherever they choose
Latest Papers The latest whitepapers published by the OpenID Foundation or co-branded by the OpenID Foundation. For more information on the whitepaper process and approach, refer to the Whitepaper Process document.| OpenID Foundation - Helping people assert their identity wherever they choose
The OpenID Foundation is pleased to announce a new Whitepaper Process as approved by the Board of Directors on October 9, 2023. OIDF-led and co-led whitepapers help ecosystem stakeholders understand the wider landscape and the role of OIDF standards within that wider landscape. Such whitepapers make OIDF’s global, technical expertise more accessible to ecosystem stakeholders, technical experts, and laypeople alike. The OIDF| OpenID Foundation - Helping people assert their identity wherever they choose
Latest News Current news about the OpenID Foundation and the community at large. Please visit the News Archive to view news older than two years.| OpenID Foundation - Helping people assert their identity wherever they choose
Join the OpenID Foundation Membership Membership is affordable and designed to be inclusive of individuals, non-profits, government entities, and organizations of all sizes and types who collectively share an interest in the vision and mission of the OpenID Foundation.The OpenID Foundation Member Agreement for review. You are encouraged to join the Foundation using the online| OpenID Foundation - Helping people assert their identity wherever they choose
Events OpenID Foundation Workshops provide insight and influence on important Internet identity standards. The workshops provide updates on the work happening within OpenID Foundation working groups as well as updates on the OpenID Certification Program. Leading technologists from member organizations and others provide updates on key issues and discuss how they help meet social, enterprise and| OpenID Foundation - Helping people assert their identity wherever they choose
What are OpenID Specifications OpenID specifications are developed by working groups in three phases: Drafts, Implementer’s Drafts, and Final Specifications. Implementer’s Drafts and Final Specifications provide intellectual property protections to implementers. Final Specifications are OpenID Foundation standards. Final Specifications FAPI working group specifications FAPI 2.0 Security Profile – A secured OAuth profile that aims to provide specific| OpenID Foundation - Helping people assert their identity wherever they choose
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID for Verifiable Presentations: https://openid.net/specs/openid-4-verifiable-presentations-1_0-ID3.htmlAn Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This Implementer’s Draft is a product of the AB/Connect working group. The voting results were:Approve – 91 votesObject - 3 votes...| OpenID Foundation - Helping people assert their identity wherever they choose
The California DMV and the OpenID Foundation recently hosted two to advance digital identity through California’s mobile Driver’s License (mDL).| OpenID Foundation - Helping people assert their identity wherever they choose
The OpenID Foundation's Digital Identity Round-Up presents our scan of the media and news related to Digital Identity, Standards, and Open Banking.| OpenID Foundation - Helping people assert their identity wherever they choose
OIDF's Shared Signals WG is showcasing shared signals interoperability at the Gartner Identity and Access Management (IAM) Summit, in Grapevine, Texas.| OpenID Foundation - Helping people assert their identity wherever they choose
The OIDF FAPI Working Group recommends approval of FAPI 2.0 Security Profile and FAPI 2.0 Attacker Model as Final Specifications.| OpenID Foundation - Helping people assert their identity wherever they choose
The 2024 OIDF election of Community Representatives is opening today. Board Members facilitate progress and guide the strategic direction of the Foundation.| OpenID Foundation - Helping people assert their identity wherever they choose
OIDF is proud to announce its return to the Gartner Identity and Access Management Summit, to be held in Grapevine, Texas, from December 9th to 11th, 2024.| OpenID Foundation - Helping people assert their identity wherever they choose
The official voting period will be between Tuesday, December 17, 2024 and Tuesday, December 24, 2024 (12:00pm PT), once the 45 day review of the specification has been completed. For the convenience of members who have completed their reviews by then, voting will actually begin on Tuesday, December 10, 2024.The AB Connect work group page is https://openid.net/wg/connect/.| OpenID Foundation - Helping people assert their identity wherever they choose
OpenID Authentication 2.0 - Final| openid.net
The Shared Signals working group is providing data sharing schemas, privacy recommendations and protocols to share security event information to thwart attackers from leveraging compromised accounts from one Service Provider to gain access to accounts on other Service Providers and enable users and providers to coordinate to securely restore accounts following a compromise| OpenID Foundation - Helping people assert their identity wherever they choose
The OpenID Foundation recommends that the CFPB mandate a standardized Communications Protocol for US open banking. It highlights key security and market risks.| OpenID Foundation - Helping people assert their identity wherever they choose
OpenID Connect Front-Channel Logout 1.0| openid.net
About OpenID The OpenID Foundation's vision is to help people assert their identity wherever they choose. And our mission is to lead the global community in creating identity standards that are secure, interoperable, and privacy-preserving. Founded in 2007, the OpenID Foundation (OIDF) is a non-profit open standards body developing identity and security specifications that serve billions| OpenID Foundation - Helping people assert their identity wherever they choose
OpenID Certification The OpenID Foundation enables deployments of OpenID Connect and the Financial-grade API (FAPI) Read/Write Profile to be certified to specific conformance profiles to promote interoperability among implementations. The OpenID Foundation’s certification process utilizes self-certification and conformance test suites developed by the Foundation. Certified implementations can use the “OpenID Certified” certification mark.Learn more about| OpenID Foundation - Helping people assert their identity wherever they choose
OpenID Connect Session Management 1.0| openid.net
What is OpenID Connect OpenID Connect is an interoperable authentication protocol based on the OAuth 2.0 framework of specifications (IETF RFC 6749 and 6750). It simplifies the way to verify the identity of users based on the authentication performed by an Authorization Server and to obtain user profile information in an interoperable and REST-like manner.OpenID| OpenID Foundation - Helping people assert their identity wherever they choose
OpenID Connect Discovery 1.0 incorporating errata set 2| openid.net
OpenID Connect Core 1.0 incorporating errata set 2| openid.net