A list of selected specifications in the OAuth & OpenID spaces and where to find them.
Abbreviations/key:
- ImD: Implementer's Draft (OIDF, provides IPR protection to the Implementers)
- WG: Working Group Draft
- InD: Individual Draft
- ED: Editor's Copy (version that reflects the most recent changes since the last WG draft)
- Git: Git Repository of the specification
* marks a status that is not yet official, under discussion, or proposed.
To propose an addition/modification, please send a pull request against the data.yml file in the source branch.
| Name | Description | Working Group | Status | Links |
|---|---|---|---|---|
| SD-JWT | Selective Disclosure for JWTs | IETF OAuth | Working Group Draft | WD ED Git |
| SD-JWT VC | Verifiable Credentials with SD-JWT | IETF OAuth | Working Group Draft | WD ED Git |
| JWT and CWT Status List | Status list mechanism for JWT and CWT credentials | IETF OAuth* | Individual Draft | ED InD Git |
| Name | Description | Working Group | Status | Links |
|---|---|---|---|---|
| OpenID for Verifiable Presentations | OAuth 2.0-based mechanism for presentation of VCs | OpenID Connect | 2nd Implementer's Draft | ImD WD ED Git |
| OpenID for VC Issuance | OAuth 2.0-based authorization for VC issuance | OpenID Connect | Working Group Draft | WD ED Git |
| Self-Issued OpenID Provider v2 (SIOPv2) | Enables End-Users to use OpenID Providers (OPs) that they control | OpenID Connect | 1st Implementer's Draft | WD ED Git |
| OpenID for Verifiable Presentations over BLE | Using BLE for requesting the presentation of VCs | OpenID Connect | Working Group Draft | WD ED Git |
| OpenID Connect UserInfo Verifiable Credentials | UserInfo endpoint responses with Verifiable Credentials | OpenID Connect | Working Group Draft | WD ED Git |
| Security and Trust in OpenID for Verifiable Credentials Ecosystems | Structured Security Analysis | OpenID DCP* | Working Group Draft | Git |
| OAuth 2.0 Attestation-Based Client Authentication | IETF OAuth WG | Working Group Draft | ED Git |
| Name | Description | Working Group | Status | Links |
|---|---|---|---|---|
| OpenID4VC High Assurance Interoperability Profile with SD-JWT VC | TBD | Draft | ED Git |
| Name | Description | Working Group | Status | Links |
|---|---|---|---|---|
| DIF Presentation Exchange | DIF | Draft | ED Git |
| Name | Description | Working Group | Status | Links |
|---|---|---|---|---|
| OpenID Connect for Identity Assurance 1.0 | OpenID eKYC & IDA | OpenID eKYC & IDA | Implementer's Draft 4 | ImD WD ED Git |
| OpenID Identity Assurance Schema Definition 1.0 | Separated Schema definition document for IDA | OpenID eKYC & IDA | Working Group Draft | ED Git |
| OpenID Connect Authority claims extension | OpenID eKYC & IDA | Implementer's Draft 1 | ED Git | |
| OpenID Connect for Identity Assurance Claims Registration 1.0 | OpenID eKYC & IDA | Implementer's Draft 1 | ED Git | |
| OpenID Attachments 1.0 | OpenID eKYC & IDA | Implementer's Draft 1 | ED Git | |
| OpenID Connect Advanced Syntax for Claims (ASC) | Syntax extensions for OIDC claim requests | OpenID eKYC & IDA | Working Group Draft | ED Git |
| Name | Description | Working Group | Status | Links |
|---|---|---|---|---|
| FAPI 2.0 Attacker Model | OpenID FAPI | Implementer's Draft 2 | ImD ED Git | |
| FAPI 2.0 Security Profile | OpenID FAPI | Implementer's Draft 2 | ImD ED Git | |
| FAPI 2.0 Message Signing | OpenID FAPI | Working Group Draft | ED Git |
| Name | Description | Working Group | Status | Links |
|---|---|---|---|---|
| OAuth 2.0 | IETF OAuth | RFC6749 | RFC |
| Name | Description | Working Group | Status | Links |
|---|---|---|---|---|
| Cross-Device Flows: Security Best Current Practice | describes threats against cross-device flows and mitigations | IETF OAuth | Working Group Draft | WG ED Git |
| OAuth 2.0 Security Best Current Practice | describes security threats against OAuth 2.0 deployments and mitigations | IETF OAuth | Working Group Draft | WG ED Git |