Real-time security event sharing across organizational boundaries. The OpenID Shared Signals Framework (SSF) enables interoperable risk signal exchange, fraud detection, and session management across trust ecosystems.
The OpenID Shared Signals Framework (SSF) is a standard for sharing security events and risk signals in real time between entities that have a trust relationship. When an event occurs at one provider — a credential compromise, a suspicious login, a device change — SSF enables that provider to push an event notification to other providers who need to know.
SSF uses a stream-based model: event transmitters publish events to streams, and event receivers subscribe to relevant streams via configured delivery endpoints. This enables real-time security response without requiring polling or shared databases.
Security Event Tokens (SETs) are a JSON-based token format for representing security events. SETs are JWT-encoded, signed by the transmitter, and contain standardized event payloads. Events include credential change, session revocation, and risk assessment updates.
Events are published to named streams. Each stream has a configurable delivery method (push via HTTP POST or pull). Receivers acknowledge events, and transmitters handle retry on failure. This ensures reliable delivery in distributed systems.
The entity that detects and publishes events is the Transmitter. The entity that consumes events and takes action is the Receiver. An entity can be both — publishing events about users it manages while receiving events from partners.
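An added example, not code from the original page or from OpenID: a receiver-side check for a pushed SET, showing signature verification, issuer and audience checks, and de-duplication by `jti` so that a retried delivery is acknowledged without being applied twice. HS256 with a shared demo key stands in for the transmitter's real signing key; the key, issuer, audience and claim values are constructed, and `make_set` and `receive_set` are hypothetical helper names.

```python
import base64, hashlib, hmac, json

# Constructed demo values (assumptions, not from the page).
KEY = b"demo-shared-secret"  # HS256 stand-in for the transmitter's signing key
ISSUER, AUDIENCE = "https://transmitter.example", "https://receiver.example"
SESSION_REVOKED = "https://schemas.openid.net/secevent/caep/event-type/session-revoked"
SAMPLE_CLAIMS = {"iss": ISSUER, "aud": AUDIENCE, "iat": 1700000000, "jti": "evt-001",
                 "events": {SESSION_REVOKED: {"event_timestamp": 1700000000}}}

def b64u(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64u_dec(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_set(claims, key=KEY, alg="HS256"):
    """Transmitter side: build a compact signed SET to use as sample input."""
    head = b64u(json.dumps({"alg": alg, "typ": "secevent+jwt"}).encode())
    body = b64u(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64u(sig)}"

def receive_set(token, seen_jti):
    """Receiver side: return (status, events); only "accepted" events are acted on."""
    try:
        head, body, sig = token.split(".")
        if json.loads(b64u_dec(head)).get("alg") != "HS256":  # pin alg, rejects "none"
            return "rejected: alg", {}
        want = hmac.new(KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(want, b64u_dec(sig)):
            return "rejected: signature", {}
        claims = json.loads(b64u_dec(body))
    except (ValueError, AttributeError):
        return "rejected: malformed", {}
    if not isinstance(claims, dict) or claims.get("iss") != ISSUER:
        return "rejected: issuer", {}
    aud = claims.get("aud")  # JWT "aud" may be a string or a list
    if AUDIENCE not in ([aud] if isinstance(aud, str) else aud if isinstance(aud, list) else []):
        return "rejected: audience", {}
    jti, events = claims.get("jti"), claims.get("events")
    if not isinstance(jti, str) or not isinstance(events, dict) or not events:
        return "rejected: claims", {}
    if jti in seen_jti:  # retried delivery: acknowledge again, do not re-apply
        return "duplicate", {}
    seen_jti.add(jti)
    return "accepted", events

if __name__ == "__main__":
    seen = set()
    print(receive_set(make_set(SAMPLE_CLAIMS), seen)[0])
```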
Password reset, MFA re-enrollment, API key rotation
Force logout all sessions, device revocation, token invalidation
Identity risk score change, fraud indicator, anomalous behavior detection
Known breach exposure, credential stuffing detection, dark web finding
In a digital trust ecosystem, SSF enables real-time risk intelligence sharing across participants. When a credential is compromised in one part of the ecosystem, every other participant is notified immediately. This is critical for: