UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 8898

Third-Party Token-Based Authentication and Authorization for Session Initiation Protocol (SIP)

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 September 2020
Status: active
Page Count: 15
scope:

Abstract

This document defines the "Bearer" authentication scheme for the Session Initiation Protocol (SIP) and a mechanism by which user authentication and SIP registration authorization is delegated to a third party, using the OAuth 2.0 framework and OpenID Connect Core 1.0. This document updates RFC 3261 to provide guidance on how a SIP User Agent Client (UAC) responds to a SIP 401/407 response that contains multiple WWW-Authenticate/Proxy-Authenticate header fields.

Document History

IETF RFC 8898
September 1, 2020
Third-Party Token-Based Authentication and Authorization for Session Initiation Protocol (SIP)
Abstract This document defines the "Bearer" authentication scheme for the Session Initiation Protocol (SIP) and a mechanism by which user authentication and SIP registration authorization is...

References

This document references:
IETF RFC 6749 - The OAuth 2.0 Authorization Framework
Published by IETF on October 1, 2012
The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction...
This document references:
IETF RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage
Published by IETF on October 1, 2012
This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the...
This document references:
IETF RFC 7662 - OAuth 2.0 Token Introspection
Published by IETF on October 1, 2015
This specification defines a method for a protected resource to query an OAuth 2.0 authorization server to determine the active state of an OAuth 2.0 token and to determine meta-information about...
This document references:
IETF RFC 8414 - OAuth 2.0 Authorization Server Metadata
Published by IETF on June 1, 2018
This specification defines a metadata format that an OAuth 2.0 client can use to obtain the information needed to interact with an OAuth 2.0 authorization server, including its endpoint locations and...
This document is referenced by:
TS 124 371 - Universal Mobile Telecommunications System (UMTS); LTE; Web Real-Time Communications (WebRTC) access to the IP Multimedia (IM) Core Network (CN) subsystem (IMS); Stage 3; Protocol specification
Published by ETSI on May 1, 2022
The present document provides the details for allowing Web Real-Time Communication (WebRTC) IMS Clients (WIC) to access the IP Multimedia (IM) Core Network (CN) subsystem. The present document is...
This document supersedes:
RFC 3261 - SIP: Session Initiation Protocol
Published by IETF on June 1, 2002
A description is not available for this item.
This document supersedes:
RFC 3261 - SIP: Session Initiation Protocol
Published by IETF on June 1, 2002
A description is not available for this item.
View Less
View All
Advertisement