RFC 9201
Additional OAuth Parameters for Authentication and Authorization for Constrained Environments (ACE), August 2022
- File formats:
- Also available: XML file for editing
- Status:
- PROPOSED STANDARD
- Author:
- L. Seitz
- Stream:
- IETF
- Source:
- ace (sec)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9201
Discuss this RFC: Send questions or comments to the mailing list ace@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9201
Abstract
This specification defines new parameters and encodings for the OAuth 2.0 token and introspection endpoints when used with the framework for Authentication and Authorization for Constrained Environments (ACE). These are used to express the proof-of-possession (PoP) key the client wishes to use, the PoP key that the authorization server has selected, and the PoP key the resource server uses to authenticate to the client.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.