Voluntary Application Server Identification (VAPID) for Web Push, November 2017
- File formats:
- PROPOSED STANDARD
- M. Thomson
- webpush (art)
Cite this RFC: TXT | XML | BibTeX
Discuss this RFC: Send questions or comments to the mailing list email@example.com
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8292
An application server can use the Voluntary Application Server Identification (VAPID) method described in this document to voluntarily identify itself to a push service. The "vapid" authentication scheme allows a client to include its identity in a signed token with requests that it makes. The signature can be used by the push service to attribute requests that are made by the same application server to a single entity. The identification information can allow the operator of a push service to contact the operator of the application server. The signature can be used to restrict the use of a push message subscription to a single application server.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.