Metadata Service Overview

FIDO Alliance Metadata Service

The FIDO Alliance Metadata Service (MDS) is a web-based tool where FIDO authenticator vendors can publish metadata statements for FIDO servers to download. This provides organizations deploying FIDO servers with a centralized and trusted source of information about FIDO authenticators.

FIDO MDS Purpose

The universe of FIDO authenticators is dynamic. Vendors are frequently releasing new authenticators or updating existing ones. In addition, vulnerabilities may be discovered in existing authenticators, requiring that their use be limited or phased out.

FIDO servers can validate the integrity of a device population by periodically downloading a digitally signed metadata Table of Contents (TOC) file containing URLs used to verify individual metadata statements.

An organization deploying FIDO Authentication should keep its metadata database up-to-date to ensure it has the latest information about new authenticators, including their certification status, and protect itself against vulnerabilities in trusted authenticators.