FAPI certification of Connect2id server 9.5

The current Connect2id server release was tested in a online deployment against the FAPI certification suite (v4.0.1) and the results are now published on the OpenID Foundation certifications page, in the FAPI section.

The test suite has two modes - one for clients authenticating with private_key_jwt and another for clients authenticating with self_signed_tls_client_auth (mTLS). You you are developing a client application we suggest using the mTLS method because it's typically easier to setup.

If you're developing a deployment that needs to conform to the FAPI security standard we recommend you run the FAPI certification tests against it to make sure something is not accidentally missed out. The tests can be run for free. A fee is required only if you need to publish them and obtain a certificate from the OpenID Foundation.

The FAPI checklist has instructions how to setup a Connect2id server deployment for FAPI.