10 Years On: OpenID Connect Published as an ISO/IEC Spec
Published October 7, 2024
The OpenID Connect Final specification was launched on February 26, 2014 with a vision of increased security, privacy, and usability on the internet. Ten years after that publication, we are delighted to announce that 9 OpenID Connect specifications are now published as ISO/IEC standards.
- ISO/IEC 26131:2024 — Information technology — OpenID connect — OpenID connect core 1.0 incorporating errata set 2
- ISO/IEC 26132:2024 — Information technology — OpenID connect — OpenID connect discovery 1.0 incorporating errata set 2
- ISO/IEC 26133:2024 — Information technology — OpenID connect — OpenID connect dynamic client registration 1.0 incorporating errata set 2
- ISO/IEC 26134:2024 — Information technology — OpenID connect — OpenID connect RP-initiated logout 1.0
- ISO/IEC 26135:2024 — Information technology — OpenID connect — OpenID connect session management 1.0
- ISO/IEC 26136:2024 — Information technology — OpenID connect — OpenID connect front-channel logout 1.0
- ISO/IEC 26137:2024 — Information technology — OpenID connect — OpenID connect back-channel logout 1.0 incorporating errata set 1
- ISO/IEC 26138:2024 — Information technology — OpenID connect — OAuth 2.0 multiple response type encoding practices
- ISO/IEC 26139:2024 — Information technology — OpenID connect — OAuth 2.0 form post response mode
We would like to thank the AB/Connect Working Group for their tireless efforts building and maintaining this family of specifications, including the process of applying errata corrections to the specifications, so that the ISO versions would have all known corrections incorporated.
OpenID Connect has been used by millions of developers and deployed in billions of applications worldwide. Publication by ISO as a Publicly Available Specifications (PAS) will enable even broader global adoption by enabling deployments within ecosystems and jurisdictions that require the use of specifications from standards bodies recognized by international treaties (such as ISO).
The OpenID Foundation remains committed to helping people assert their identities wherever they choose - and to do so by building identity standards that are secure, interoperable, and privacy-preserving. For the benefit of individual and ecosystem security all over the world, OIDF will soon follow this same process with other specification families. These include the FAPI 1.0 and eKYC-IDA specifications, and once they’re final, the FAPI 2.0 specifications.
Many thanks to all of OIDF spec authors, implementers, members, and contributors who have ensured the success of OpenID Connect over the last 10 years!
About the OpenID Foundation
The OpenID Foundation (OIDF) is a global open standards body committed to helping people assert their identity wherever they choose. Founded in 2007, we are a community of technical experts leading the creation of open identity standards that are secure, interoperable, and privacy preserving. The Foundation’s OpenID Connect standard is now used by billions of people across millions of applications. In the last five years, the Financial Grade API has become the standard of choice for Open Banking and Open Data implementations, allowing people to access and share data across entities. Today, the OpenID Foundation’s standards are the connective tissue to enable people to assert their identity and access their data at scale, the scale of the internet, enabling “networks of networks” to interoperate globally. Individuals, companies, governments and non-profits are encouraged to join or participate.
Find out more at openid.net.
