The OATH Certification Profiles are intended to provide specific guidance and recommendations to providers who want to implement OATH specifications in their products.
OATH has taken a modular approach and intends to develop the following profiles to address the different OATH specifications as applied to the identified components of the OATH Reference Architecture.
One or more profiles may be relevant to a particular vendor\\\’s product. For example, a vendor may implement both HOTP and TOTP support in its validation server.
Draft and completed profiles can be downloaded by clicking the link below. The remaining profiles are under development and will be published in the future.

Standalone Client Profiles

HOTP Standalone Client v1.1
TOTP Standalone Client v1.1
OCRA Standalone Client v1.0

Connected Client Profiles

HOTP Connected Client
TOTP Connected Client
OCRA Connected Client

Validation Server Profiles

HOTP Validation Server v1.1
TOTP Validation Server v1.1
OCRA Validation Server v1.0

Provisioning Server Profiles

HOTP Provisioning Server
TOTP Provisioning Server
OCRA Provisioning Server

* Profiles marked “Draft” are currently in the public review period.
** Send your feedback and comments to

OATH Certification Compliance Program (OCCP)