SIG Meeting: 2025-06-04 24th Meeting (69th from Ex FAPI-SIG)

# SIG Meeting: 2025-06-04 24th Meeting (69th from Ex FAPI-SIG) [Meeting Slides](https://github.com/keycloak/kc-sig-fapi/blob/main/OAuth-SIG/meetings/24th/presentations/OAuth-SIG_24th_MTG_agenda.pdf) - Date: Wed 4 June 2025 - Time: 11:00 - 12:00 UTC in 1 hour 07:00 - 08:00 EDT (UTC-4) 12:00 - 13:00 BST (UTC+1) 13:00 - 14:00 CEST (UTC+2) 14:00 - 15:00 EEST (UTC+3) 16:30 - 17:30 IST (UTC+5:30) 20:00 - 21:00 JST (UTC+9) 21:00 - 22:00 AEST (UTC+10) ## Agenda Agenda Items to discuss ## Attendees - Takashi Norimatsu - Pascal Knüppel - Costas Georgilakis - Dmitry Telegin - Forkim Akwichek - Ingrid Kamga - Kannan Rasappan - Marek Posolda - Rodrick Awambeng - Stefan Wiedemann - Bertrand Ogen ## Notes Notes by Topic ### General - Takashi presents current state of efforts - Next OAuth SIG meeting will be held on Wednesday 2 July 2025. ### Transaction Token, SPIFEE for Workload Identity - The private channel was created in the CNCF slack. If you are interested in that, please contact ### OAuth 2.0 for First-Party Applications (FiPA) - Waiting for comment on the discussion: https://github.com/keycloak/keycloak/discussions/38796 ### Shared Signals Framework (SSF) - Thomas: Current status: The SSF extension I developed has support to act as a SSF Receiver with pluggable event handling. SSF Transmitter support is WIP - Thomas: The SSF spec is close get final - Thomas: Otherwise no update (development currently on hold - I'm currently stuck with selecting the a proper mechanism to handle event storage and streaming for the SSF Transmitter Support) - Thomas: I suggest to move this to on hold for as I don't have time to work on this for the next few weeks ### OpenID Federation 1.0 - The Hitachi's staff submitted the article to CNCF Blog: ["Building trust with OpenID Federation trust chain on Keycloak"](https://www.cncf.io/blog/2025/04/25/building-trust-with-openid-federation-trust-chain-on-keycloak/) - He will also have a talk about it in KeycloakCon 2025 Japan: ["OpenID Federation Trust Chain on Keycloak for Highly Assured Use Cases of Digital Identity Wallet"](https://keycloakconjapan2025.sched.com/event/23463) ### FIDO2 Conformance Test - Current Keycloak's WebAuthn support was posted on the slack channel. - Backbase is now on preliminary analysis for that. ### OpenID Verifiable Credentials Issuance (OID4VCI) - OpenID Conformance Testing Instructions: https://openid.net/certification/conformance-testing-for-openid-for-verifiable-credential-issuance/ - Note that the OpenID Conformance Testing for OpenID4VCI is still WIP and currently available via https://demo.certification.openid.net/index.html ### Token Exchange - Now working on Internal/External scenario. - Epic Issue: [#38335](https://github.com/keycloak/keycloak/issues/38335) ### Demonstrating Proof-of-Possession (DPoP) - Epic Issue: [#22311](https://github.com/keycloak/keycloak/issues/22311) - Takashi is working on [#21921](https://github.com/keycloak/keycloak/issues/21921) and [#33942](https://github.com/keycloak/keycloak/issues/33942), investigating whole DPoP codes, but no progress in this week. ### Passkeys - Now mainly working on improving conditional UI: https://github.com/keycloak/keycloak/issues/29596 ### FAPI 2.0 - The conformance test for FAPI 2.0 Final seems to be released soon: https://gitlab.com/openid/conformance-suite/-/issues/?label_name%5B%5D=fapi2-final ### KeycloakCon Japan 2025 - KeycloakCon Japan schedule is already public: https://events.linuxfoundation.org/keycloakcon-japan/program/schedule/ ### KeyConf 25 Amsterdam - ## Recordings https://us06web.zoom.us/rec/share/igcbB64wonoTmN57jOZUn8GBOoxDSG_pU8XifmKHCB0fvzLa3BkE443LW0-XkUHB.uFfFj1B_nI3bzBRg