LANGUAGE
  • 日本語
  • 한국어
  • 简体中文
  • English
  • 如何加入 FIDO 联盟
FIDO Alliance
  • The Alliance
    About FIDO Alliance
    • 关于 FIDO 联盟
    • 在线快速身份认证(FIDO)发展历程
    • 联系方式
    Our Membership
    • 工作组
    • FIDO Members
    • Liaison Partners
    • Committees and Study Groups
    Join FIDO Alliance
    • 会员权益和会费级别
    • 如何加入 FIDO 联盟
    Newsletter Sign-Up
    FIDO Explained
  • Standards & Technology
    Work Areas
    • FIDO Authentication
    • Identity Verification & Binding
    • Internet of Things
    FIDO Authentication
    • FIDO 的工作原理
    • FIDO2: WebAuthn & CTAP
    • Metadata Service
    Specifications
    • Specifications Overview
    • Download Specifications
    Developers
    • Getting Started
    • Developer Resources
  • Discover FIDO
    Getting Started Knowledge Base
    • Intro to FIDO
    • Building the Business Case
    • Buying, Building & Partnering
    • Implementation & Deployment
    Adoption
    • FIDO Case Studies
    • Case Studies
    • FIDO 联盟政府和政策计划
    • Market Solutions
    • Government & Public Policy
    • PSD2 Compliance
    • Commercial Deployments
    Resources
    Showcase
    Research
    Videos
    White Papers
    Presentations
    FAQ
  • FIDO® Certified
    FIDO Certification Programs
    • FIDO Certified Professional Program
    • Functional Certification
    • Authenticator Certification
    Get Certified
    • 认证提交
    Certified Products
    • FIDO® Certified Products
    • FIDO Certified Showcase
  • News & Events
    Latest Updates
    • Events Calendar
    • FIDO in the News
    • Press Center
    • FIDO Blog
  • 如何加入 FIDO 联盟
Language
  • 日本語
  • 한국어
  • 简体中文
  • English
search
  • FIDO Authentication - Chinese (Simplified)
    • FIDO 的工作原理
    • FIDO2: WebAuthn & CTAP
    • Metadata Service
    1. Home 
    2. FIDO Alliance Metadata Service

    FIDO Alliance Metadata Service

    The FIDO Alliance Metadata Service (MDS) is a centralized repository of the Metadata Statement that is used by the relying parties to validate authenticator attestation and prove the genuineness of the device model. MDS also provides information about certification status of the authenticators, and found security issues. Organizations deploying FIDO Authentication are able to use this information to select specific certification levels as required for compliance, and work through the security notifications to ensure effective incident response.

    The latest update to MDS (version 3.0) features an improved user interface and improved metadata publication time for vendors, and easier download of the metadata TOC blob for deploying organizations.If you are looking for Legacy MDS2 documentation, you can find it here: https://fidoalliance.org/metadata/legacy-mds2

    Who should be using Metadata Service?

    The metadata service provides organizations deploying FIDO Authentication with a centralized and trusted source of information about FIDO authenticators. MDS and attestations are especially helpful for deploying organizations in particular types of industries, including regulated industries (government, federal agencies, banking and healthcare organizations for example) and/or organizations handling sensitive data (media companies, R&D institutions, corporations, etc). These types of organizations should leverage MDS to verify that accepted authenticators meet certain criteria, such as FIDO L1, L2 and L3 certifications for compliance, as well as leverage security issue notifications  to determine suitable responses.

    An organization deploying FIDO and leveraging MDS should keep its metadata database up-to-date to ensure it has the latest information about new authenticators, including their certification status, and protect itself against vulnerabilities in trusted authenticators.

    API

    Authorization

    Downloading the MDS3 BLOB does not require authorization

    Obtaining BLOB

    The latest BLOB can be downloaded from https://mds3.fidoalliance.org/

    There is no need to download individual metadata anymore. The new MDS3 BLOB contains ALL metadata statements in one JSON file.

    For our PKI We use GlobalSign. The root GS-R3 certificate can be found here: https://valid.r3.roots.globalsign.com/

    FAQ

    How often should I be fetching MDS3 blob?
    We suggest downloading the BLOB once a month and then caching its content because the MDS data does not change often.

    Do I need an access token?
    No, you do not.

    Do I need to register with MyMDS to get access to BLOB?
    No, you do not.

    Useful tools

    • Specifications:
      • https://fidoalliance.org/specs/mds/fido-metadata-service-v3.0-ps-20210518.html
      • https://fidoalliance.org/specs/mds/fido-metadata-statement-v3.0-ps-20210518.html
    • https://jwt.io/ – Really useful service for JWT decoding and debugging
    • https://www.base64decode.org/ – Decoding Base64 to UTF8

    Legal

    Please see the MDS Legal Terms.

    For assistance on the FIDO Alliance Metadata Service, reach out to support@mymds.fidoalliance.org.

    FIDO Alliance
    • FIDO 的工作原理
    • 关于 FIDO 联盟
    • HOW FIDO WORKS
    • Terms of Use
    • Specifications Overview
    • Certification Overview
    • Knowledge Base
    • Privacy Policy
    • Press Center

    Join the Community

    Get the Latest Updates Participate in FIDO-Dev Forum

    Categories

    • Announcements
    • Building the Business Case
    • Buying, Building & Partnering
    • FIDO in the News
    • Implementation & Deployment
    • Intro to FIDO
    • Market Research
    • Perspectives
    • Uncategorized
    FIDO Alliance Metadata Service
    • Metadata Service Overview
    • Frequently Asked Questions
    • Metadata Service Terms

    Document Authenticity (DocAuth) Certification Program for Remote Identity Verification

    Sign up for updates!Get news from FIDO Alliance in your inbox.

    By submitting this form, you are consenting to receive communications from: FIDO Alliance, 3855 SW 153rd Drive, Beaverton, OR 97003, US, http://www.fidoalliance.org. You can revoke your consent to receive emails at any time by using the unsubscribe link found at the bottom of every email.

    First Name
    Last Name
    Email
    Country
    Company
    Job Title
    • 日本語
    • 한국어
    • 简体中文
    • English