Enhanced Authentication Profile (EAP) WG

What is the EAP Working Group?

Working Group Name:

Enhanced Authentication Profile (EAP)


The purpose of this working group is to develop a security and privacy profile of the OpenID Connect specifications that enable users to authenticate to OpenID Providers using strong authentication specifications. The resulting profile will enable use of IETF Token Binding specifications with OpenID Connect and integration with FIDO relying parties and/or other strong authentication technologies.

List of Specifications

Below are links to the HTML versions of the released copies of the specifications:

  • Token Bound Authentication – (Optional) Defines how to apply Token Binding to OpenID Connect ID Tokens
  • EAP ACR Values – (Optional) Enables OpenID Connect RPs to request that specific authentication context classes be applied to authentications performed and for OPs to inform RPs whether these requests were satisfied

Working copies of the specification can be found in the group’s repository.


The easiest way to participate is to join the mailing list at http://lists.openid.net/mailman/listinfo/openid-specs-eap.

Please note that while anyone can join the mailing list as a read-only recipient, posting to the mailing list or actively contributing to the specification itself requires the submission of an IPR Agreement. More information is available at http://openid.net/intellectual-property. Make sure to specify the working group as EAP WG.

Meeting Venue and Schedule