OAuth 2.0

From IDESG Wiki
Revision as of 04:02, 28 June 2018 by Omaerz (talk | contribs) (5 revisions imported: Initial Upload of old pages from IDESG Wiki)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Title: The OAuth 2.0 Authorization Framework


Category: Authentication Protocol Specification


Date: 7/31/2012


Creator: IETF


URL: https://www.rfc-editor.org/rfc/rfc6749.txt

The OAuth 2.0 Authorization Framework includes the following RFCs:

RFC 6749,  OAuth 2.0 Authorization Framework
RFC 6750, The OAuth 2.0 Authorization Framework: Bearer Token Usage
RFC 6819, OAuth 2.0 Threat Model and Security Considerations
RFC 7591, OAuth 2.0 Dynamic Client Registration Protocol
RFC 7592, OAuth 2.0 Dynamic Client Registration Management Protocol
RFC 7636, Proof Key for Code Exchange by OAuth Public Clients (PKCE, pronounced "pixy")


Description: The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.


Privacy:


Security:


Interoperability:


Terms: Access Token, Refresh Token, Authorization Code, Authorization Grant, Authorization Server, Authorization Endpoint, Client, Client Identifier, Client Secret, Client Password, Protected Resource, Resource Owner, Resource Server