OpenAM implements the following RFCs, Internet-Drafts, and standards.
The OAuth 2.0 Authorization Framework, in which OpenAM can play the roles of authorization server and of client.
The OAuth 2.0 Authorization Framework: Bearer Token Usage, in which OpenAM plays the role of authorization server.
Assertion Framework for OAuth 2.0, which is an Internet-Draft.
SAML 2.0 Bearer Assertion Profiles for OAuth 2.0, which is an Internet-Draft.
Style of software architecture for web-based, distributed systems.
Standard, XML-based framework for creating and exchanging security information between online partners. OpenAM supports multiple versions of SAML including 2.0.
Federation standard, whose concepts and capabilities contributed to SAML 2.0.
Lightweight protocol intended for exchanging structured information in a decentralized, distributed environment.
XML format for describing network services as a set of endpoints operating on messages containing either document-oriented or procedure-oriented information.
Identity federation standard, part of the Web Services Security framework.
Declarative access control policy language implemented in XML, and also a processing model, describing how to interpret policies.