A list of selected specifications in the OAuth & OpenID spaces and where to find them.
Abbreviations/key:
- ImD: Implementer's Draft (OIDF, provides IPR protection to the Implementers)
- WG: Working Group Draft
- InD: Individual Draft
- ED: Editor's Copy (version that reflects the most recent changes since the last WG draft)
- Git: Git Repository of the specification
* marks a status that is not yet official, under discussion, or proposed.
To propose an addition/modification, please send a pull request against the data.yml
file in the source
branch.
Name | Description | Working Group | Status | Links |
---|---|---|---|---|
SD-JWT | Selective Disclosure for JWTs | IETF OAuth | Working Group Draft | WD ED Git |
SD-JWT VC | Verifiable Credentials with SD-JWT | IETF OAuth | Working Group Draft | WD ED Git |
JWT and CWT Status List | Status list mechanism for JWT and CWT credentials | IETF OAuth* | Individual Draft | ED InD |
Name | Description | Working Group | Status | Links |
---|---|---|---|---|
OpenID for Verifiable Presentations | OAuth 2.0-based mechanism for presentation of VCs | OpenID Connect | 2nd Implementer's Draft | ImD WD ED Git |
OpenID for VC Issuance | OAuth 2.0-based authorization for VC issuance | OpenID Connect | Working Group Draft | WD ED Git |
Self-Issued OpenID Provider v2 (SIOPv2) | Enables End-Users to use OpenID Providers (OPs) that they control | OpenID Connect | 1st Implementer's Draft | WD ED Git |
OpenID for Verifiable Presentations over BLE | Using BLE for requesting the presentation of VCs | OpenID Connect | Working Group Draft | WD ED Git |
OpenID Connect UserInfo Verifiable Credentials | UserInfo endpoint responses with Verifiable Credentials | OpenID Connect | Working Group Draft | WD ED Git |
Security & Trust | Structured Security Analysis | OpenID Connect* | Early Draft | ED Git |
OAuth 2.0 Attestation-Based Client Authentication | IETF OAuth WG | Working Group Draft | ED Git |
Name | Description | Working Group | Status | Links |
---|---|---|---|---|
OpenID4VC High Assurance Interoperability Profile with SD-JWT VC | TBD | Draft | ED Git |
Name | Description | Working Group | Status | Links |
---|---|---|---|---|
DIF Presentation Exchange | DIF | Draft | ED Git |
Name | Description | Working Group | Status | Links |
---|---|---|---|---|
OpenID Connect for Identity Assurance 1.0 | OpenID eKYC & IDA | Implementer's Draft 4 | ImD WD ED Git | |
OpenID Connect Authority claims extension | OpenID eKYC & IDA | Implementer's Draft 1 | ED Git | |
OpenID Connect Advanced Syntax for Claims (ASC) | Syntax extensions for OIDC claim requests | OpenID eKYC & IDA | Working Group Draft | ED Git |
Name | Description | Working Group | Status | Links |
---|---|---|---|---|
FAPI 2.0 Attacker Model | OpenID FAPI | Implementer's Draft 2 | ImD ED Git | |
FAPI 2.0 Security Profile | OpenID FAPI | Implementer's Draft 2 | ImD ED Git | |
FAPI 2.0 Message Signing | OpenID FAPI | Working Group Draft | ED Git |
Name | Description | Working Group | Status | Links |
---|---|---|---|---|
OAuth 2.0 | IETF OAuth | RFC6749 | RFC Git |
Name | Description | Working Group | Status | Links |
---|---|---|---|---|
Cross-Device Flows: Security Best Current Practice | describes threats against cross-device flows and mitigations | IETF OAuth | Working Group Draft | WG ED Git |
OAuth 2.0 Security Best Current Practice | describes security threats against OAuth 2.0 deployments and mitigations | IETF OAuth | Working Group Draft | WG ED Git |