LANGUAGE
  • 日本語
  • 한국어
  • 简体中文
  • English
  • What is FIDO?
  • Specifications
  • FAQ’s
  • Knowledge Base
  • Join
FIDO Alliance
  • The Alliance
    About FIDO Alliance
    • Alliance Overview
    • History of FIDO Alliance
    • FIDO Leadership
    • Legal & Logo Usage
    • Code of Conduct
    • Contact Us
    Our Membership
    • FIDO Members
    • Liaison Partners
    • Working Groups
    • Committees and Study Groups
    Join FIDO Alliance
    • Membership Benefits
    • Membership Application
    Newsletter Sign-Up
    FIDO Explained
  • Standards & Technology
    Work Areas
    • FIDO Authentication
    • Identity Verification & Binding
    • Device Onboarding
    FIDO Authentication
    • How FIDO Works
    • Passkeys
    • FIDO2
    • FIDO Alliance Metadata Service
    • FIDO Privacy Principles
    • FIDO Design System
    • FIDO UX Guidelines
    Specifications
    • User Authentication Specifications Overview
    • Download Authentication Specifications
    • Device Onboarding Overview
    • Download IoT Specifications
    Developers
    • Getting Started
    • Developer Resources
    • FIDO Developer Challenge 2022 – India
  • Discover FIDO
    Getting Started Knowledge Base
    • Intro to FIDO
    • Building the Business Case
    • Buying, Building & Partnering
    • Implementation & Deployment
    Adoption
    • FIDO Case Studies
    • Market Solutions
    • Government & Public Policy
    • PSD2 Compliance
    • Deployment Showcase
    • FIDO Government Deployments and Recognitions
    • FIDO in the Enterprise
    Resources
    Showcase
    Research
    Videos
    White Papers
    Presentations
    FAQ
  • FIDO® Certified
    FIDO Certification Programs
    • FIDO Certified Professional Program
    • FIDO Device Onboard (FDO)
    • Functional Certification
    • Authenticator Certification
    • Biometric Component Certification
    • Document Authenticity (Doc Auth)
    • Certification Maintenance and Updates
    Get Certified
    • Certification Overview
    • Certification Registration
    • Certification Fees
    • Secretariat
    • TMLA
    Certified Products
    • FIDO® Certified Products
    • FIDO Certified Showcase
  • News & Events
    Latest Updates
    • FIDO News Center
    • Events Calendar
    • FIDO in the News
    • Press Center
  • What is FIDO?
  • Specifications
  • FAQ’s
  • Knowledge Base
  • Join
Language
  • 日本語
  • 한국어
  • 简体中文
  • English
search
  • Metadata Service
    • Overview
    1. Home 
    2. FIDO Alliance Metadata Service 
    3. Frequently Asked Questions

    Frequently Asked Questions

    What are the new Legal Terms?

    As you may know the biggest change in MDS 2.0 is the introduction of new legal terms for both Authenticator vendors and consumers of Metadata (Relying Parties). The MDS 2.0 Legal terms can be viewed at the URLs listed below:

    Publisher Terms for Authenticator vendors who publish metadata: https://mymds2.fidoalliance.org/eula

    [Japanese (日本の) version (for reading/reference purposes only)]

    Usage Terms for Relying parties or anyone who wishes to access metadata: https://mds2.fidoalliance.org/tokens/legalese?v=1.0

    [Japanese  (日本の) version (for reading/reference purposes only)]

     

    Can I view the original legal terms?

    Yes, you can view the original Metadata Service legal terms here.

     

    How do I get an access token?

    To retrieve metadata or TOC (Table of Contents for all metadata statements) you will have to first register to get a MDS Access Token. To do this visit: https://mds2.fidoalliance.org/tokens/

     

    How do I retrieve the TOC file from MDS2?

    Once you have an issued Access Token, you can get to the Metadata TOC by using the URL below after you substitute in the URL below with your access token string.

    https://mds2.fidoalliance.org/?token=your-access-token-string

    Example (this does not use a valid token): https://mds2.fidoalliance.org/?token=6d6b44d78b09fed0c5559e34c71db291d0d322d4d4de0000

    This will download a TOC file in an encoded JWT format (not human-readable).

     

    How do I view a readable TOC file?

    1. Visit JWT decoding web site: https://jwt.io
    2. Click on Debugger at the top (or scroll down)
    3. On the Debugger page, in the Encoded box on the left side: Replace all existing text with the encode string in the toc.jwt file.

     

    How do I verify the digital signature in the TOC?

    TOC is a digitally signed document. In order to verify the digital signature please use the following information:

    1. The root certificate from the FIDO Alliance is available at https://mds.fidoalliance.org/Root.cer
    2. To validate the digital certificates used in the digital signature, the certificate revocation information is available in the form of CRLs at the following locations
    3. http://mds.fidoalliance.org/Root.crl
    4. http://mds.fidoalliance.org/CA-1.crl

     

    How do I view metadata statement for an authenticator?

    The URLs in the TOC corresponding to each Authenticator will be of the format: https://mds2.fidoalliance.org/metadata/4e4e%234005

    This URL will no longer work as is. You must now append this URL with your Access Token as shown below: (this does not use a valid token)

    https://mds2.fidoalliance.org/metadata/4e4e%234005/?token=6d6b44d78b09fed0c5559e34c71db291d0d322d4d4de0000

    Once you retrieve the metadata statement it will be in Base64 format. Use https://www.base64decode.org/ to decode it to see a readable form of the metadata statement.

     

    How do I publish my authenticator’s metadata?

    The Authenticator vendors portal for metadata submission can be accessed at https://mymds2.fidoalliance.org/

     

    How do I get a Vendor ID?

    For UAF Authenticator Vendors only: To be able to publish a metadata statement, UAF Authenticator vendors must first get a Vendor ID issued by the Alliance.

     

    How do I get assistance?

    Please use the feedback form links available at the bottom of the web pages for requesting further assistance. You can also send feedback to certification@fidoalliance.org.

    FIDO Alliance
    • What is FIDO?
    • How FIDO Works
    • FIDO2
    • Alliance Overview
    • Terms of Use
    • User Authentication Specifications Overview
    • Certification Overview
    • Knowledge Base
    • Press Center
    • Privacy Policy

    Join the Community

    Get the Latest Updates Participate in FIDO-Dev Forum

    Categories

    • Announcements
    • Building the Business Case
    • Buying, Building & Partnering
    • FIDO in the News
    • Implementation & Deployment
    • Intro to FIDO
    • Market Research
    • Perspectives
    • Uncategorized
    FIDO Alliance Metadata Service
    • Metadata Service Overview
    • Frequently Asked Questions
    • Metadata Service Terms

    Document Authenticity (DocAuth) Certification Program for Remote Identity Verification

    • Introduction
    • Certification Process Overview
    • Certification Fees
    • Accredited Labs
    • Get Certified
    • Resource Documentation
    Sign up for updates!Get news from FIDO Alliance in your inbox.

    By submitting this form, you are consenting to receive communications from: FIDO Alliance, 3855 SW 153rd Drive, Beaverton, OR 97003, US, http://www.fidoalliance.org. You can revoke your consent to receive emails at any time by using the unsubscribe link found at the bottom of every email.

    First Name
    Last Name
    Email
    Country
    Company
    Job Title
    • 日本語
    • 한국어
    • 简体中文
    • English