Guest Blog: Financial-grade API (FAPI), Explained by an Implementer – Updated
NOTE: This article was updated to align to the FAPI 1.0 Final version which was published in March, 2021. Introduction Financial-grade API (FAPI) is a technical specification that Financial-grade API Working Group of OpenID Foundation has developed. It uses OAuth
“Exploring Financial-grade API (FAPI) with Torsten” Podcast is Live
The OpenID Foundation is pleased to sponsor the Identity, Unlocked second season premiere podcast featuring host Vittorio Bertocci and special guest Torsten Lodderstedt, “Exploring Financial-grade API (FAPI) with Torsten”. Torsten
Collaboration at the Core: The OpenID Foundation and the UK Open Banking Implementation Entity Host Conformance and Certification Workshop
The OpenID Foundation (OIDF) and our development partner, the UK Open Banking Implementation Entity (OBIE), recently hosted a workshop focused on Financial-grade API (FAPI) conformance and certification. It was a
Guest Blog: Financial-grade API (FAPI) Explained by an Implementer
Introduction Financial-grade API (FAPI) is a technical specification that Financial-grade API Working Group of OpenID Foundation has developed. It uses OAuth 2.0 and OpenID Connect (OIDC) as its base and defines additional technical requirements for the financial industry and other
Guest Blog: Implementing App-to-App Authorisation in OAuth2/OpenID Connect
What is app2app? App2app is a mechanism that allows mobile apps performing OAuth2 or OpenID Connect based authentication to offer a much simpler faster flow if the user already has an
Implementer’s Draft of FAPI Client Initiated Backchannel Authentication (CIBA) Profile Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: Financial-grade API: Client Initiated Backchannel Authentication Profile An Implementer’s Draft is a stable version of a specification providing
Guest Blog: Formal Analysis of the OpenID Financial-grade API
Guest blog post by Daniel Fett (yes.com), Pedram Hosseyni, and Ralf Küsters (University of Stuttgart). The security of a web protocol is crucial, especially in the domain of financial applications and