Voluntary Application Server Identification (VAPID) for Web Push, November 2017
- Canonical URL:
- File formats:
- PROPOSED STANDARD
- M. Thomson
- webpush (art)
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
An application server can use the Voluntary Application Server Identification (VAPID) method described in this document to voluntarily identify itself to a push service. The "vapid" authentication scheme allows a client to include its identity in a signed token with requests that it makes. The signature can be used by the push service to attribute requests that are made by the same application server to a single entity. The identification information can allow the operator of a push service to contact the operator of the application server. The signature can be used to restrict the use of a push message subscription to a single application server.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 4844.