[Openid-specs-fapi] Introduction and some questions
Nat Sakimura
nat at sakimura.org
Fri Jun 27 07:25:47 UTC 2025
Hi Monika,
Welcome to FAPI. FAPI is mostly working on the third-party provider
connecting to a service provider (e.g. Fintech to Bank) and has
historically not been working on workload identity, etc.
We are currently working on the Implementation guidance paper, and those
might be relevant for it.
Best regards,
Nat Sakimura
Co-chair, OpenID Foundation FAPI WG
2025年6月27日(金) 2:18 Monika Avalur via Openid-specs-fapi <
openid-specs-fapi at lists.openid.net>:
> Hi,
>
> I am Monika Avalur working as a product manager in IAM space in CyberArk.
> I have been assigned to this working group and have been going through the
> specs for FAPI.
>
> I wanted to understand if we plan of further providing guidance as part
> of FAPI on how the security varies for each entity. Ex: Human vs machine vs
> workload vs AI agent etc., as the security profile varies for each as well
> the way they authenticate and authorize.
>
> FAPI talks mostly about confidential clients, but it doesn't say a lot of
> which protocol and which type of security profile to use for which entity.
> This guidance will help standardize security among a lot IAM vendors.
>
> Thanks & Regards,
> Monika
>
> _______________________________________________
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-fapi
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20250627/9ad8a7a3/attachment-0001.htm>
More information about the Openid-specs-fapi
mailing list