OpenID Federation Overview
The OpenID Federation 1.0 specification defines a mechanism that enables organizations and their technical resources (Entities), such as Identity Providers/Authorization Servers (OpenID Providers or OPs) and Relying Parties (RPs, i.e., applications or clients), to establish mutual trust without requiring a direct relationship.
In OpenID Federation, trust is established through a Trust Chain, allowing the OP to accept OAuth/OIDC requests from RPs without requiring prior registration of the RP.
OpenID Federation Use Cases
- Open Data Ecosystems: Used to create national and international Open Data Ecosystems like Open Finance, Open Insurance, and more.
- National eID Systems: Used in national electronic identity systems to federate multiple identity providers.
- Digital Wallets: Being explored for use in projects like the EU’s EUDI wallet for secure identity management.
- IoT and Verifiable Credentials: Applicable in IoT and verifiable credentials spaces due to its generic nature.
Federation Entities
Learn about OpenID Federation entity types and entity statements.
Trust Chain
Learn about OpenID Federation Trust Chains. Understand how a Trust Chain is constructed and resolved, and what steps are necessary to establish and verify trust.
Policies
Learn what OpenID Federation policies are, what their purpose is, and how they are defined.