The OpenID Connect Working Group recommends the approval of Errata corrections to the following specifications:
- OpenID Connect Core 1.0 – Defines the core OpenID Connect functionality: authentication built on top of OAuth 2.0 and the use of Claims to communicate information about the End-User
- OpenID Connect Discovery 1.0 – Defines how Relying Parties dynamically discover information about OpenID Providers
- OpenID Connect Dynamic Client Registration 1.0 – Defines how Relying Parties dynamically register with OpenID Providers
- OpenID Connect Back-Channel Logout 1.0 - Defines a logout mechanism that uses direct back-channel communication between the OP and RPs being logged out
An Errata version of a specification incorporates corrections identified after the Final Specification was published. This would be the second set of errata corrections for Core, Discovery, and Dynamic Client Registration and the first Back-Channel Logout. This note starts the 45 day public review period for the specification drafts in accordance with the OpenID Foundation IPR policies and procedures. This review period will end on Tuesday, December 5, 2023. Unless issues are identified during the review that the working group believes must be addressed by revising the drafts, this review period will be followed by a seven day voting period during which OpenID Foundation members will vote on whether to approve these drafts as OpenID Errata Specifications. For the convenience of members who have completed their reviews by then, voting will actually open a week early on Wednesday, November 29, 2023, with the voting period still ending on Wednesday, December 13, 2023. The specifications incorporating the proposed Errata corrections are available at:
- https://openid.net/specs/openid-connect-core-1_0-33.html
- https://openid.net/specs/openid-connect-discovery-1_0-36.html
- https://openid.net/specs/openid-connect-registration-1_0-38.html
- https://openid.net/specs/openid-connect-backchannel-1_0-12.html
The corresponding previously approved specifications are available at:
- https://openid.net/specs/openid-connect-core-1_0-errata1.html
- https://openid.net/specs/openid-connect-discovery-1_0-errata1.html
- https://openid.net/specs/openid-connect-registration-1_0-errata1.html
- https://openid.net/specs/openid-connect-backchannel-1_0-final.html
Or see the Introduction sections of the specifications for links to previously approved versions. A description of OpenID Connect can be found at https://openid.net/connect/. The working group page is https://openid.net/wg/connect/. Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration. If you’re not a current OpenID Foundation member, please consider joining to participate in the approval vote. You can send feedback on the specifications in a way that enables the working group to act upon it by (1) signing the contribution agreement at https://openid.net/intellectual-property/ to join the working group (please specify that you are joining the “AB+Connect” working group on your contribution agreement), (2) joining the working group mailing list at https://lists.openid.net/mailman/listinfo/openid-specs-ab, and (3) sending your feedback to the list. See the History entries in the specifications for a summary of the errata corrections applied.
On November 2, 2023 OpenID Connect Core 1.0 draft 34 was published. It incorporates feedback received during the review period. It adds the loopback wording previously applied to the Implicit Flow to the Authorization Code Flow.