This document references:
IETF RFC 6749 - The OAuth 2.0 Authorization Framework
Published by IETF
on
October 1, 2012
The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction...
This document references:
IETF RFC 7662 - OAuth 2.0 Token Introspection
Published by IETF
on
October 1, 2015
This specification defines a method for a protected resource to query an OAuth 2.0 authorization server to determine the active state of an OAuth 2.0 token and to determine meta-information about...
This document is referenced by:
RFC 9126 - OAuth 2.0 Pushed Authorization Requests
Published by IETF
on
September 1, 2021
Abstract This document defines the pushed authorization request (PAR) endpoint, which allows clients to push the payload of an OAuth 2.0 authorization request to the authorization server via a direct...
This document is referenced by:
RFC 9068 - JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens
Published by IETF
on
October 1, 2021
Abstract This specification defines a profile for issuing OAuth 2.0 access tokens in JSON Web Token (JWT) format. Authorization servers and resource servers from different vendors can leverage this...
This document is referenced by:
RFC 9396 - OAuth 2.0 Rich Authorization Requests
Published by IETF
on
May 1, 2023
This document specifies a new parameter authorization_details that is used to carry finegrained authorization data in OAuth messages.
This document is referenced by:
RFC 9449 - OAuth 2.0 Demonstrating Proof of Possession (DPoP)
Published by IETF
on
September 1, 2023
This document describes a mechanism for sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism on the application level. This mechanism allows for the detection of replay attacks...