UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 8707

Resource Indicators for OAuth 2.0

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 February 2020
Status: active
Page Count: 11
scope:

Abstract

This document specifies an extension to the OAuth 2.0 Authorization Framework defining request parameters that enable a client to explicitly signal to an authorization server about the identity of the protected resource(s) to which it is requesting access.

Document History

IETF RFC 8707
February 1, 2020
Resource Indicators for OAuth 2.0
Abstract This document specifies an extension to the OAuth 2.0 Authorization Framework defining request parameters that enable a client to explicitly signal to an authorization server about the...

References

This document references:
IETF RFC 6749 - The OAuth 2.0 Authorization Framework
Published by IETF on October 1, 2012
The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction...
This document references:
IETF RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage
Published by IETF on October 1, 2012
This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the...
This document references:
IETF RFC 7644 - System for Cross-domain Identity Management: Protocol
Published by IETF on September 1, 2015
The System for Cross-domain Identity Management (SCIM) specification is an HTTP-based protocol that makes managing identities in multidomain scenarios easier to support via a standardized service....
This document references:
IETF RFC 7662 - OAuth 2.0 Token Introspection
Published by IETF on October 1, 2015
This specification defines a method for a protected resource to query an OAuth 2.0 authorization server to determine the active state of an OAuth 2.0 token and to determine meta-information about...
This document is referenced by:
RFC 9126 - OAuth 2.0 Pushed Authorization Requests
Published by IETF on September 1, 2021
Abstract This document defines the pushed authorization request (PAR) endpoint, which allows clients to push the payload of an OAuth 2.0 authorization request to the authorization server via a direct...
This document is referenced by:
RFC 9068 - JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens
Published by IETF on October 1, 2021
Abstract This specification defines a profile for issuing OAuth 2.0 access tokens in JSON Web Token (JWT) format. Authorization servers and resource servers from different vendors can leverage this...
This document is referenced by:
RFC 9396 - OAuth 2.0 Rich Authorization Requests
Published by IETF on May 1, 2023
This document specifies a new parameter authorization_details that is used to carry finegrained authorization data in OAuth messages.
This document is referenced by:
RFC 9449 - OAuth 2.0 Demonstrating Proof of Possession (DPoP)
Published by IETF on September 1, 2023
This document describes a mechanism for sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism on the application level. This mechanism allows for the detection of replay attacks...
View Less
View All
Advertisement