May 2025 Update

We're working across four main areas right now heading into the summer:

  • Implementation and interoperability testing for OpenID Federation

  • Ongoing SP redesign/development

  • Wrapping up work on IdP 5.2.0

  • IdP documentation review and planning

With work very advanced on the OP plugin's OpenID Federation support, we have funded our developers' attendance at a couple of recent conferences relevant to that work, including a recent interoperability testing event, which was a successful and worthwhile exercise. We are on track to deliver that support later this year for the OP at least, with the RP following hopefully not too far behind. We are also participating in some of the efforts to craft pilots around the technology. Notably, we also have the capability to immediately support OpenID Federations based on SAML metadata in parallel to the more complex approaches being developed by the OpenID community.

We continue to work toward getting an alpha release of the SP done this year, with work wrapping up on some of the code surrounding the session layer so we can start working on that in earnest soon. Once that's done, the configuration will start to approach a more stable state such that we can start thinking about documentation and what it might look like to migrate from the current version.

That documentation will include the alpha interface for accessing our Java functionality remotely, enabling third parties to build compatible agents if any are interested in doing so. That should be a comparatively simple task that makes it potentially possible to leverage fully federated SAML and OpenID without proxies or direct exposure by agents to the complexity of either protocol, which we think has some appeal.

I was encouraged to call out one of the several notable feature losses likely with this redesign, which is that the SP is not going to have the ability to serve up JSON discovery feeds compatible with the EDS. Neither the SP nor the Java hub (IdP) are good candidates for this due to the memory requirements of the large aggregates now. We think this has to become a federation responsibility as hosting the XML is, and while we can certainly be a provider of “tooling” to do the conversion (probably via the MDA in some kind of Docker appliance), the rest is going to be out of scope.

While we do not expect the SP plugins to ever ship on top of V5 (V6 is more likely), we are aiming to get a couple of additional features done for V5.2.0 to support the SP's development, so once that work completes we can look at shipping that update. We still hope to do that by the end of June. It's plausible that may be the final minor release of any significance for V5, though we may need another minor or two with more minimal changes, additional deprecation warnings, etc.

Finally, we have contracted with Steven Premeau, a long-time member of the community, to help with a review of the IdP documentation and to put together a larger plan for improving it. Look for the first fruits of that work later this year.