OAuth 2.0: Difference between revisions

From IDESG Wiki
m (5 revisions imported: Initial Upload of old pages from IDESG Wiki)
 
No edit summary
 
Line 2: Line 2:


<br/>
<br/>
'''Category''': Authentication Protocol Specification
'''Category''': Authorization Protocol Specification


<br/>
<br/>
Line 25: Line 25:
service, either on behalf of a resource owner by orchestrating an approval interaction between the resource
service, either on behalf of a resource owner by orchestrating an approval interaction between the resource
owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.
owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.
<br />
'''Subsequent Work''' The IETF has created a new committee on Grant Negotiation and Authorization Protocol ([[GNAP]]) that will be working on the next generation of access protocols.


<br />
<br />
Line 39: Line 42:


[[Category:Standards]]
[[Category:Standards]]
[[Category:Authentication Protocol Specification]]
[[Category:Authorization]]

Latest revision as of 21:30, 24 July 2020

Title: The OAuth 2.0 Authorization Framework


Category: Authorization Protocol Specification


Date: 7/31/2012


Creator: IETF


URL: https://www.rfc-editor.org/rfc/rfc6749.txt

The OAuth 2.0 Authorization Framework includes the following RFCs:

RFC 6749, OAuth 2.0 Authorization Framework
RFC 6750, The OAuth 2.0 Authorization Framework: Bearer Token Usage
RFC 6819, OAuth 2.0 Threat Model and Security Considerations
RFC 7591, OAuth 2.0 Dynamic Client Registration Protocol
RFC 7592, OAuth 2.0 Dynamic Client Registration Management Protocol
RFC 7636, Proof Key for Code Exchange by OAuth Public Clients (PKCE, pronounced "pixy")


Description: The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.


Subsequent Work: The IETF has created a new committee on Grant Negotiation and Authorization Protocol (GNAP) that will be working on the next generation of access protocols.


Privacy:


Security:


Interoperability:


Terms: Access Token, Refresh Token, Authorization Code, Authorization Grant, Authorization Server, Authorization Endpoint, Client, Client Identifier, Client Secret, Client Password, Protected Resource, Resource Owner, Resource Server