UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 8628

OAuth 2.0 Device Authorization Grant

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 August 2019
Status: active
Page Count: 21
scope:

Abstract

The OAuth 2.0 device authorization grant is designed for Internet-connected devices that either lack a browser to perform a user-agent-based authorization or are input constrained to the extent that requiring the user to input text in order to authenticate during the authorization flow is impractical. It enables OAuth clients on such devices (like smart TVs, media consoles, digital picture frames, and printers) to obtain user authorization to access protected resources by using a user agent on a separate device.

Document History

IETF RFC 8628
August 1, 2019
OAuth 2.0 Device Authorization Grant
Abstract The OAuth 2.0 device authorization grant is designed for Internet-connected devices that either lack a browser to perform a user-agent-based authorization or are input constrained to the...

References

This document references:
IETF RFC 6749 - The OAuth 2.0 Authorization Framework
Published by IETF on October 1, 2012
The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction...
This document references:
IETF RFC 8414 - OAuth 2.0 Authorization Server Metadata
Published by IETF on June 1, 2018
This specification defines a metadata format that an OAuth 2.0 client can use to obtain the information needed to interact with an OAuth 2.0 authorization server, including its endpoint locations and...
This document references:
IETF RFC 8446 - The Transport Layer Security (TLS) Protocol Version 1.3
Published by IETF on August 1, 2018
This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent...
This document is referenced by:
RFC 9200 - Authentication and Authorization for Constrained Environments Using the OAuth 2.0 Framework (ACE-OAuth)
Published by IETF on August 1, 2022
This specification defines a framework for authentication and authorization in Internet of Things (IoT) environments called ACE‑OAuth. The framework is based on a set of building blocks including...
This document is referenced by:
RFC 9396 - OAuth 2.0 Rich Authorization Requests
Published by IETF on May 1, 2023
This document specifies a new parameter authorization_details that is used to carry finegrained authorization data in OAuth messages.
View Less
View All
Advertisement