Public Review Period for Two Proposed EAP Implementer’s Drafts

The OpenID Enhanced Authentication Profile (EAP) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: OpenID Connect Token Bound Authentication 1.0 OpenID Connect Extended Authentication Profile (EAP) ACR Values 1.0 The first specification enables OpenID Connect implementations to apply Token Binding to the OpenID Connect ID Token. […]


Guest Blog: Formal Analysis of the OpenID Financial-grade API

Guest blog post by Daniel Fett (yes.com), Pedram Hosseyni, and Ralf Küsters (University of Stuttgart). The security of a web protocol is crucial, especially in the domain of financial applications and in other high-stakes environments. For identifying weaknesses in protocols and ensuring security, formal protocol analysis is the state-of-the-art method. […]


Implementer’s Drafts of Four HEART Specifications Approved

The OpenID Foundation membership has approved the following Health Relationship Trust (HEART) specifications as OpenID Implementer’s Drafts: Health Relationship Trust Profile for OAuth 2.0 Health Relationship Trust Profile for Fast Healthcare Interoperability Resources (FHIR) OAuth 2.0 Scopes Health Relationship Trust Profile for User-Managed Access 2.0 Health Relationship Trust Profile for […]


Registration Open for OpenID Foundation Workshop at Verizon Media on Monday, April 29, 2019   Recently updated !

OpenID Foundation Workshops provide insight and influence on important Internet identity standards. The workshops provide updates on the work happening within OpenID Foundation working groups as well as updates on the OpenID Certification Program. Leading technologists from Verizon Media, Google, Microsoft, Amazon, Yubico, Verizon and others will update key issues […]


OpenID Certification Program Expansion and Fee Update

The OpenID Foundation launched the OpenID Certification Program in 2015. The Program enables organizations to certify that their OpenID Connect implementations conform to specified profiles of the OpenID Connect standard. The certification program is a tool to help ensure that implementations by different parties will interoperate. It provides assurance to […]


Notice of Vote for Implementer’s Drafts of Four HEART Specifications

The official voting period will be between Monday, March 4, 2019 and Monday, March 11, 2019, following the 45 day review of the specifications. For the convenience of members, voting will actually open on Monday, February 25, 2019 for members who have completed their reviews by then, with the voting […]


OpenID Foundation Board Leadership in 2019

Thank you to all who voted in the 2019 election for representatives to the OpenID Foundation Board of Directors. Per our bylaws, three individual community board members are elected.  The term of George Fletcher has an additional year remaining on his 2-year term. I want to thank George for his continued service. […]


Implementer’s Drafts of Two iGov Specifications Approved

The OpenID Foundation membership has approved the following International Government Assurance Profile (iGov) specifications as OpenID Implementer’s Drafts: International Government Assurance Profile (iGov) for OAuth 2.0 International Government Assurance Profile (iGov) for OpenID Connect 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to […]