BeryJu
commented
1 year ago At some point yes, I have previously done tests with their certification testing tool and used it to find and fix bugs aswell
Open septatrix opened 1 year ago
BeryJu
commented
1 year ago At some point yes, I have previously done tests with their certification testing tool and used it to find and fix bugs aswell
BeryJu
commented
1 year ago With the above PR, all conformance tests pass:
Once the next version is released, I'll actually do the certification
septatrix
commented
7 months ago Hi, do you have any update on the certification status?
septatrix
commented
6 months ago @BeryJu Are you able to provide an update on the current state, please?
BeryJu
commented
2 months ago @septatrix The test status is still the same but we haven't yet gotten around to doing the actual certification.
Describe your question/ Some adopters especially in the enterprise segment value an certification. Similarly, 3rd party projects are more likely to provide interoperability and support for authentik integration if they can be sure that its OIDC implementation is spec compliant.
Is such a certification planned somewhere on the road map? Are there any aspects of the OIDC/OAuth2 protocol missing to pass the certification?
Relevant infos The OpenID Foundation provides free certification for open source projects as per their Open Source Project Certification Policy
Additional context Keycloak as probably the most popular FOSS alternative to authentik does have such a certification (https://openid.net/certification/#OPs). It is also certified for financial-grade OIDC though I have no clue which additional compliance tests that includes.