Closed-Loop Authentication


Closed-Loop Authentication is when the same party that provided Credential Enrollment provides the Authentication.

Today, most web Authentication is Closed-Loop Authentication, including:

In contrast, Open-Loop Authentication user attributes are asserted by a party that is not directly involved in the Authentication process.

In Closed-Loop Authentication the Identity Provider (IDP) is involved in the Authentication process by verifying possession of the credential by the device.[1]

In third-party Closed-Loop Authentication, the credential authority is an Identity Provider (IDP), which asserts the user attributes to a Relying Party only after verifying possession of the credential by the device. In two-party authentication, there is only one party besides the user’s device, so two-party authentication can only be closed-loop authentication.

More Information#

There might be more information for this subject on one of the following: