Guest Blog: Financial-grade API (FAPI) Explained by an Implementer
Introduction Financial-grade API (FAPI) is a technical specification that Financial-grade API Working Group of OpenID Foundation has developed. It uses OAuth 2.0 and OpenID Connect (OIDC) as its base and defines additional technical requirements for the financial industry and other
Guest Blog: Implementing App-to-App Authorisation in OAuth2/OpenID Connect
What is app2app? App2app is a mechanism that allows mobile apps performing OAuth2 or OpenID Connect based authentication to offer a much simpler faster flow if the user already has an
Implementer’s Draft of FAPI Client Initiated Backchannel Authentication (CIBA) Profile Approved
The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: Financial-grade API: Client Initiated Backchannel Authentication Profile An Implementer’s Draft is a stable version of a specification providing
Guest Blog: Formal Analysis of the OpenID Financial-grade API
Guest blog post by Daniel Fett (yes.com), Pedram Hosseyni, and Ralf Küsters (University of Stuttgart). The security of a web protocol is crucial, especially in the domain of financial applications and