Learn OpenID Federation

Resources

Specifications, implementations, key people, and community links for OpenID Federation.

Official Specifications

Title	Description	Status
OpenID Federation 1.0	The core specification for multilateral federation.	Final

In-Progress Specifications & Extensions

Title	Description	Status
OpenID Federation 1.1	Protocol-independent successor — Entity Statements, Trust Chains, Metadata, Policies, Trust Marks, Federation Endpoints.	Draft
OpenID Federation for OpenID Connect 1.1	Protocol-specific successor — OAuth 2.0 / OpenID Connect entity types, client registration flows.	Draft
OpenID Federation Wallet Architectures	Trust establishment for Wallet ecosystems with OpenID Federation.	Draft
OpenID Federation Extended Listing	Subordinate Listings Specification for large-scale federations.	Draft

Related RFCs

Title	Description
RFC 7515 — JSON Web Signature (JWS)	Compact serialization used for all Entity Statements and Trust Marks.
RFC 7516 — JSON Web Encryption (JWE)	Optional encryption serialization format used alongside JWS in the specification.
RFC 7517 — JSON Web Key (JWK)	Key representation used in the jwks claim.
RFC 7519 — JSON Web Token (JWT)	Base token format for Entity Statements and Trust Marks.
RFC 7591 — OAuth 2.0 Dynamic Client Registration Protocol	Defines the client metadata vocabulary that federation client registration builds on.
RFC 7638 — JSON Web Key (JWK) Thumbprint	Computes key thumbprints recommended for use as Key IDs in federation JWKS.
RFC 8414 — OAuth 2.0 Authorization Server Metadata	Defines the authorization server metadata model that federation extends for the oauth_authorization_server entity type.
RFC 9101 — The OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request (JAR)	Request Objects used in automatic client registration.
RFC 9126 — OAuth 2.0 Pushed Authorization Requests	Alternative delivery mechanism for signed Request Objects during automatic registration.
RFC 9728 — OAuth 2.0 Protected Resource Metadata	Defines the protected resource metadata model that federation uses for the oauth_resource entity type.