Protocol Action: 'OAuth 2.0 Token Introspection' to Proposed Standard (draft-ietf-oauth-introspection-11.txt)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The IESG has approved the following document:
- 'OAuth 2.0 Token Introspection'
  (draft-ietf-oauth-introspection-11.txt) as Proposed Standard

This document is the product of the Web Authorization Protocol Working
Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-introspection/





Technical Summary

   The "OAuth 2.0 Token Introspection" specification defines a method 
   for a protected resource to query an OAuth 2.0 authorization server 
   to determine the active state of an OAuth 2.0 token and to determine 
   meta-information about this token. OAuth 2.0 deployments can use 
   this method to convey information about the authorization context 
   of the token from the authorization server to the protected resource.

Working Group Summary

There was no controversy. When the specification was brought 
to the working group the concept was already well established and 
in use. 

Document Quality

There are multiple implementations of this specification, 
with links included in the shepherd writeup.

Personnel

Hannes Tschofenig is the document shepherd and Kathleen Moriarty is 
the responsible area director.

IANA Note

The IANA consideration section defines a new registry, called 
"OAuth Token Introspection Response Registry", and populates this 
registry with 12 values.  Additional entries may be added with a 
Specification Required ([RFC5226]) and Designated Expert review on
the oauth-ext-review@ietf.org mailing list.




[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux