Going DeeperΒ·Lesson 12β Frequently Asked QuestionsCommon questions from basics to operationsBasics4 questionsWhat's the difference between OpenID Connect and OpenID Federation?Can I use OpenID Federation without OpenID Connect?What problem does federation solve that plain OIDC doesn't?How is this different from SAML federation?Trust & Security4 questionsWhat happens if a Trust Anchor's key is compromised?How do I revoke an entity?Can two separate federations interoperate?What prevents a rogue intermediate?Implementation4 questionsDo I need to implement all 9 endpoints?What's the minimum viable federation?How do I migrate from non-federated OIDC?Which signing algorithms should I use?Operations4 questionsWhat's the recommended statement lifetime (exp)?How should key rotation be handled?How does caching work?How do I monitor federation health?Sources & ReferencesOpenID Federation 1.0 β Full SpecificationOpenID Federation 1.0, Section 11 β Updating Metadata, Key Rollover, and RevocationOpenID Federation 1.0, Section 6.2 β ConstraintsFederation Topology DesignGlossary