Additional OAuth Parameters for Authentication and Authorization for Constrained Environments (ACE), August 2022
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
This specification defines new parameters and encodings for the OAuth 2.0 token and introspection endpoints when used with the framework for Authentication and Authorization for Constrained Environments (ACE). These are used to express the proof-of-possession (PoP) key the client wishes to use, the PoP key that the authorization server has selected, and the PoP key the resource server uses to authenticate to the client.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.