RFC 9560
Federated Authentication for the Registration Data Access Protocol (RDAP) Using OpenID Connect, April 2024
- File formats:
- Also available: XML file for editing
- Status:
- PROPOSED STANDARD
- Author:
- S. Hollenbeck
- Stream:
- IETF
- Source:
- regext (art)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9560
Discuss this RFC: Send questions or comments to the mailing list regext@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9560
Abstract
The Registration Data Access Protocol (RDAP) provides Representational State Transfer (RESTful) web services to retrieve registration metadata from domain name and regional internet registries. RDAP allows a server to make access control decisions based on client identity, and as such, it includes support for client identification features provided by the Hypertext Transfer Protocol (HTTP). Identification methods that require clients to obtain and manage credentials from every RDAP server operator present management challenges for both clients and servers, whereas a federated authentication system would make it easier to operate and use RDAP without the need to maintain server-specific client credentials. This document describes a federated authentication system for RDAP based on OpenID Connect.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.