IETF RFC 7009 - OAuth 2.0 Token Revocation

From IDESG Wiki
Revision as of 04:00, 28 June 2018 by Omaerz (talk | contribs) (1 revision imported: Initial Upload of old pages from IDESG Wiki)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Title: OAuth 2.0 Token Revocation


Category: Authentication protocol specification


Date: August 2013


Creator: Internet Engineering Task Force (IETF)


URL: http://www.ietf.org/rfc/rfc7009.txt


Description: This document proposes an additional endpoint for OAuth authorization servers, which allows clients to notify the authorization server that a previously obtained refresh or access token is no longer needed. This allows the authorization server to clean up security credentials. A revocation request will invalidate the actual token and, if applicable, other tokens based on the same authorization grant.


Privacy:


Security:


Interoperability:


Terms: