A breakthrough collaboration

From April 28-30, 2025, Stockholm became the epicentre of innovation in digital identity federation as SUNET welcomed 30 international delegates with 14 implementations to a groundbreaking OpenID Federation Interoperability event. The event brought together leaders from the private sector, government, not-for-profits,  academic institutions, technical experts, and policy collaborators to prove out the Federation standard through live implementation interoperability testing - a pivotal milestone in the specification’s  journey to become a final specification.

OpenID Federation is a breakthrough approach to federation that enables trust to be established between parties with no direct relationship between them by virtue of them belonging to a common federation. This modernizes the approach for establishing trust among parties for multiple purposes, including verifiable credential deployments, and seamless integration of multiple trust networks.

Hosted by SUNET (Swedish University Computer Network), this event was a rare opportunity to gather leading minds in identity federation into one room, to not only test the specs and identify potential improvements but to coalesce critical industry partners on realizing the potential of the specification to meet the requirements they have for ecosystems today. Participants came from Sweden, Finland, Netherlands, Italy, Germany, Denmark, Portugal, Poland, Serbia, Croatia, the UK, Brazil, Australia, New Zealand, and the United States!

“It was a pleasure to host the OpenID Foundation. The opportunity for our local community, particularly those in the public sector, to engage directly with international thought leaders was truly invaluable. We look forward to welcoming them again soon,” said Leif Johansson, SUNET.

1. Implementations

Day one kicked off with participants aligning their implementations to the OpenID Federation 1.0 (draft 42) specification. Each team brought their own unique infrastructure, metadata configurations, and trust policies to the table, showcasing the diversity of approaches and the flexibility of the specification.

There was a real spirit of collaboration in the air. Teams from different countries worked in partnership to configure and test their implementations, capturing feedback on the specs, the open source tests, and highlighting real-world integration scenarios. For the participants with a strong EU focus, many explored how these building blocks can deliver on the EU Digital Identity Wallet ecosystem requirements.

Mike Jones, Board Member at the OpenID Foundation said: “There’s no substitute for getting developers and deployers together to collaborate and kick the tires together. People worked closely together over three days, many of whom and previously never met. We learned valuable things about our implementations, the specification, and the certification tests that will improve all of them.  This puts us on a solid track to finish the specification and to have leading-edge ecosystems benefit from it.”

2. Testing

After initial setup, it was time to stress-test the connections. The energy in the room was palpable with mixed groups reviewing and debating code whilst viewing shared terminals, debugging issues, and huddling spontaneously at whiteboards. Through structured testing and ad-hoc exploration, participants uncovered edge cases that could inform the underlying specifications and issues that could improve the tests, but crucially they could also see where their own implementations could be improved. Eight different classes of tests were performed among the 14 implementations.

Roland Hedberg, lead editor of the Federation specification, said: “Three very intensive and fun days. I was so impressed by the number of implementers present and their willingness to put their work up for evaluation. One thought that struck me was the underlying pervasive feeling that it’s now not a question about if people will use OpenID Federation, but rather when they will start.”

3. Results

The interop delivered measurable progress for everyone involved. Participants left with working federation configurations, validated trust chains, and actionable insights into specification gaps or areas of ambiguity. It was a technical leap forward that only face-to-face interoperability and cross-implementor collaboration can achieve.

Figure 1: Portrait of the Federation Entities involved during the interop event.

While challenges were expected, the collective learning has now given the OpenID community clear visibility on the path to a final specification.

Dima Postnikov, representing ConnectID, said, “Trust management and discovery are now recognized as essential building blocks for anyone who runs ecosystems. This interoperability event has clearly shown that the OpenID Federation specification has reached the level of maturity required for global adoption, as demonstrated by the number of active participants representing real ecosystems and software solutions. OpenID Federation specification has a lot of potential for many more use cases and many different types of ecosystems.”

4. Lessons Learned

The week’s testing surfaced several areas for improvement, both in the specification itself and in the surrounding tooling:

• Clarification of policy requirements across federation operators.
• Improved debugging tools for tracking trust chain resolution.
• Diversity of algorithms used for signing Entity Statements.

Henri Mikkonen, representing Shibboleth, said, “The event helped us to verify that after some fairly minor fine-tunings we're already quite well interoperable with the latest draft of the spec. It means that we can start participating in pilots. We were very happy to see that the OpenID Foundation's conformance test suite is getting populated with tests for the federation draft too. We're very happy to be early adopters for those tests as they've been super useful for testing standard OIDC features too. The good team spirit established in person means that we can continue to test interoperability remotely even after the event, crossing organizational boundaries.”

All feedback gathered during the event will feed into upcoming working group discussions, reinforcing the event's role not just in implementation, but in shaping the next steps for OpenID Federation.

5. Next Steps

In the weeks and months ahead, the group is focused on three clear next steps:

• Publishing updated implementation guidance based on interoperability learnings in Sweden.
• Addressing feedback and finalising v1.0 of the OpenID Federation specification.
• Preparing for future interoperability events, including virtual sessions and additional in-person gatherings in the second half of 2025.

Gail Hodges, Executive Director of the OpenID Foundation, said “Technologists that lead ecosystems face common challenges. The OpenID Foundation is honored that so many leading technologists have committed thousands of volunteer hours to develop the next generation in federation, and it is a personal joy to see them celebrating this milestone moment of interoperability and accomplishment. I cannot wait until we can celebrate the specification moving to final soon!”

As the work on OpenID Federation matures and ecosystem awareness builds, the OpenID Foundation expects deployment will ripple through projects, products, and jurisdictions around the world.

About the OpenID Foundation

The OpenID Foundation (OIDF) is a global open standards body committed to helping people assert their identity wherever they choose. Founded in 2007, we are a community of technical experts leading the creation of open identity standards that are secure, interoperable, and privacy preserving. The Foundation’s OpenID Connect standard is now used by billions of people across millions of applications. In the last five years, FAPI has become the standard of choice for Open Banking and Open Data implementations, allowing people to access and share data across entities. Today, the OpenID Foundation’s standards are the connective tissue to enable people to assert their identity and access their data at scale, the scale of the internet, enabling ‘networks of networks’ to interoperate globally. Individuals, companies, governments and non-profits are encouraged to join or participate. Find out more at openid.net.