UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 6750

The OAuth 2.0 Authorization Framework: Bearer Token Usage

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 October 2012
Status: active
Page Count: 17
scope:

This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the associated resources (without demonstrating possession of a cryptographic key). To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport.

Document History

IETF RFC 6750
October 1, 2012
The OAuth 2.0 Authorization Framework: Bearer Token Usage
This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the...

References

This document references:
IETF RFC 6749 - The OAuth 2.0 Authorization Framework
Published by IETF on October 1, 2012
The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction...
This document references:
IETF RFC 2616 - Hypertext Transfer Protocol -- HTTP/1.1
Published by IETF on June 1, 1999
A description is not available for this item.
This document references:
IETF RFC 6749 - The OAuth 2.0 Authorization Framework
Published by IETF on October 1, 2012
The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction...
This document is referenced by:
ITU-T Y.2724 - Framework for supporting OAuth and OpenID in next generation networks
Published by ITU-T on November 1, 2013
This Recommendation describes a framework for the support and use of OAuth and OpenID by next generation networks (NGNs). The scope of this Recommendation includes: functional framework for NGN...
This document is referenced by:
TR 133 871 - Universal Mobile Telecommunications System (UMTS); LTE; Study on Security for WebRTC IMS Client access to IMS
Published by ETSI on October 1, 2014
The goal of WebRTC IMS Client access to IMS is to significantly expand the pool of clients able to access IMS. The present document contains a study on security issues following the potential...
This document is referenced by:
TS 124 371 - Universal Mobile Telecommunications System (UMTS); LTE; Web Real-Time Communications (WebRTC) access to the IP Multimedia (IM) Core Network (CN) subsystem (IMS); Stage 3; Protocol specification
Published by ETSI on May 1, 2022
The present document provides the details for allowing Web Real-Time Communication (WebRTC) IMS Clients (WIC) to access the IP Multimedia (IM) Core Network (CN) subsystem. The present document is...
This document is referenced by:
TS 133 203 - Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; 3G security; Access security for IP-based services
Published by ETSI on May 1, 2022
The scope for this technical specification is to specify the security features and mechanisms for secure access to the IM subsystem (IMS) for the 3G mobile telecommunication system. Since the scope...
View Less
View All
Advertisement