From IDESG Wiki
Jump to: navigation, search

Title: OAuth 2.0 Dynamic Client Registration Protocol (Request for Comments: 7591) (ISSN: 2070-1721)

Category: Authentication protocol specification

Date: July 2015

Creator: Internet Engineering Task Force (IETF)


Description: This specification defines mechanisms for dynamically registering OAuth 2.0 clients with authorization servers. Registration requests send a set of desired client metadata values to the authorization server. The resulting registration responses return a client identifier to use at the authorization server and the client metadata values registered for the client. The client can then use this registration information to communicate with the authorization server using the OAuth 2.0 protocol. This specification also defines a set of common client metadata fields and values for clients to use during registration.




Terms: This specification uses the terms "access token", "authorization code", "authorization endpoint", "authorization grant", "authorization server", "client", "client identifier", "client secret", "grant type", "protected resource", "redirection URI", "refresh token", "resource owner", "resource server", "response type", and "token endpoint" defined by OAuth 2.0 [RFC6749] and uses the term "Claim" defined by JSON Web Token (JWT) [RFC7519].

In addition, this specification defines the following terms

  • Client Software
  • Client Instance
  • Client Developer
  • Client Registration Endpoint
  • Initial Access Token
  • Deployment Organization
  • Software API Deployment
  • Software API Publisher
  • Software Statement