Main Page

From IDESG Wiki
Revision as of 14:35, 12 March 2015 by Salvatore D'Agostino (Talk) (The OAuth 2.0 Authorization Framework)

Jump to: navigation, search

Title: The OAuth 2.0 Authorization Framework, RFC 6749

Category: Application Programming Interface Messaging Framework

Date: 3/12/2015

Creator: IETF


Description: The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf. This specification replaces and obsoletes the OAuth 1.0 protocol described in RFC 5849.

Privacy: See security considerations

Security: See security considerations

Interoperability: A common format for exchanging information via applications programming interfaces between Authorization Servers and Resource Servers. Widely used across many applications and users every day.

Terms: Authorization, Tokens, Access Token, Refresh Token, Authorization Server, Resource Server, Client Credentials