Presentation is loading. Please wait.

Presentation is loading. Please wait.

OpenID Connect Working Group

Published byStella Randall Modified over 6 years ago

Similar presentations

Presentation on theme: "OpenID Connect Working Group"— Presentation transcript:

1 OpenID Connect Working Group
October 16, 2017 Michael B. Jones Identity Standards Architect – Microsoft

2 Working Together OpenID Connect

3 You’re Probably Already Using OpenID Connect!
If you log in at AOL, Deutsche Telekom, Google, Microsoft, mixi, NEC, NTT, Salesforce, Softbank, Symantec, Verizon, or Yahoo! Japan or have an Android phone, you’re already using OpenID Connect Many other sites and apps large and small also use OpenID Connect

4 OpenID Connect

5 Topics Federation Specification Session Management / Logout
Second Errata Set Current Related Work OpenID Connect Certification

6 Federation Specification
Roland Hedberg created OpenID Connect Federation specification Enables establishment and maintenance of multi-party federations using OpenID Connect Defines hierarchical JSON-based metadata structures for federation participants

7 Session Management / Logout
Three approaches being pursued by the working group: Session Management Uses HTML5 postMessage to communicate state change messages between OP and RP iframes Front-Channel Logout Uses HTTP GET to load image or iframe, triggering logout Similar to options in SAML, WS-Federation Back-Channel Logout Server-to-communication not using the browser Can be used by native applications, which have no active browser All support multiple logged in sessions from OP at RP Unfortunately, no one approach best for all use cases All became Implementer’s Drafts in March 2017

8 Second Errata Set Errata process corrects typos, etc. discovered
Makes no normative changes Edits under way for second errata set See for current Core errata draft Waiting for OAuth AS metadata spec draft-ietf-oauth-discovery to finish To register OpenID Discovery metadata values Expect a call for review later this year

9 Current Related Work International Government Profile (iGov) Working Group Developing OpenID Connect profile for government & high-value commercial applications Enhanced Authentication Profile (EAP) Working Group Enables Token Bound ID Tokens Enables integration with FIDO and other phishing-resistant authentication solutions

10 OpenID Certification OpenID Certification enables OpenID Connect implementations to be certified as meeting requirements of defined conformance profiles Now OP and RP certification profiles for: Basic OP and Basic RP Implicit OP and Implicit RP Hybrid OP and Hybrid RP OP Publishing and RP Using Configuration Information Dynamic OP and Dynamic RP See and And accompanying certification presentation!

11 Open Conversation How are you using OpenID Connect?
What would you like the working group to know?

Download ppt "OpenID Connect Working Group"

Similar presentations

Suchin Rengan Principal Technical Architect Salesforce.com

Suchin Rengan Principal Technical Architect Salesforce.com
Smartphone-based authorization system Advisor: Dr. Wenjun Zeng - Professor Presenter: Yilihamujiang, Ailiyasijiang Zhou, Guanlong Al-Sinani, H. S. (2011).

Smartphone-based authorization system Advisor: Dr. Wenjun Zeng - Professor Presenter: Yilihamujiang, Ailiyasijiang Zhou, Guanlong Al-Sinani, H. S. (2011).
Oracle IDM at First National Bank

Oracle IDM at First National Bank
Windows Azure AppFabric Caching Service Bus Access Control Integration Composite App (WF, WCF)

Windows Azure AppFabric Caching Service Bus Access Control Integration Composite App (WF, WCF)
OpenID Connect Update May 14, 2013 Dr. Michael B. Jones Identity Standards Architect – Microsoft.

OpenID Connect Update May 14, 2013 Dr. Michael B. Jones Identity Standards Architect – Microsoft.
FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.
WSO2 Identity Server Road Map

WSO2 Identity Server Road Map
OpenID Connect Update and Discussion Mountain View Summit – September 12, 2011 Mike Jones – Microsoft John Bradley – Independent Nat Sakimura – Nomura.

OpenID Connect Update and Discussion Mountain View Summit – September 12, 2011 Mike Jones – Microsoft John Bradley – Independent Nat Sakimura – Nomura.
OpenID Connect Working Group April 6, 2015 Mike Jones Identity Standards Architect – Microsoft.

OpenID Connect Working Group April 6, 2015 Mike Jones Identity Standards Architect – Microsoft.
IDENTITY MANAGEMENT Hoang Huu Hanh (PhD), OST – Hue University hanh-at-hueuni.edu.vn.

IDENTITY MANAGEMENT Hoang Huu Hanh (PhD), OST – Hue University hanh-at-hueuni.edu.vn.
SWITCHaai Team Introduction to Shibboleth.

SWITCHaai Team Introduction to Shibboleth.
IIW 2008b Report November 10-12 2008, Mountain View Abbie Barbir Nortel OASIS IDtrust Steering.

IIW 2008b Report November , Mountain View Abbie Barbir Nortel OASIS IDtrust Steering.
FIspace SPT Seyhun Futaci. Technology behind FIspace Authentication and Authorization IDM service of Fispace provides SSO solution for web apps, mobile.

FIspace SPT Seyhun Futaci. Technology behind FIspace Authentication and Authorization IDM service of Fispace provides SSO solution for web apps, mobile.
The Internet Identity Layer OpenID Connect Update for HIT Standards Committee’s Privacy and Security Workgroup Wednesday, March 12th from 10:00-2:45 PM.

The Internet Identity Layer OpenID Connect Update for HIT Standards Committee’s Privacy and Security Workgroup Wednesday, March 12th from 10:00-2:45 PM.
Chad La Joie Shibboleth’s Future.

Chad La Joie Shibboleth’s Future.
Openid Connect https://store.theartofservice.com/the-openid-connect-toolkit.html.

Openid Connect
Authority of Information Technology Application National Center of Digital Signature Authentication Ninh Binh, June 25, 2010.

Authority of Information Technology Application National Center of Digital Signature Authentication Ninh Binh, June 25, 2010.
101 ways to authenticate with Azure Active Directory

101 ways to authenticate with Azure Active Directory
Observations from the OAuth Feature Survey Mike Jones March 14, 2013 IETF 86.

Observations from the OAuth Feature Survey Mike Jones March 14, 2013 IETF 86.
All Rights Reserved 2014 © CMG Consulting LLC Federated Identity Management and Access Andres Carvallo Dwight Moore CMG Consulting, LLC October 2015 1.

All Rights Reserved 2014 © CMG Consulting LLC Federated Identity Management and Access Andres Carvallo Dwight Moore CMG Consulting, LLC October

Similar presentations

Ads by Google