Open-Loop Authentication


Open-Loop Authentication is when the user credential(s) are asserted by a Identity Provider (IDP) to a Relying Party that is not directly involved in the Authentication process.

In contrast, Closed-Loop Authentication is when the same party that provided Credential Enrollment provides the Authentication.

In Open-Loop Authentication a Identity Provider (IDP) issues a cryptographic credential to the user’s device and then is "out of the loop" when the device presents the credential to a Relying Party.[1]

Credentials used in Open-Loop Authentication are typically Public Key Certificates, but could also be U-Prove tokens or Idemix anonymous credentials.

More Information#

There might be more information for this subject on one of the following: