oauth-v2-1

OAuth 2.1 is a consolidation of the core OAuth 2.0 specs

Results 65 oauth-v2-1 issues

## Question

It seems that there are non-TLS-based implementations of OAuth. Should we better decouple the flows from channel requirements? See https://datatracker.ietf.org/doc/rfc9200/

reorganize access token threats section

There are two reference errors in the following paragraph in [Section 4.1.1](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-12#section-4.1.1):

> Clients MUST use code_challenge and code_verifier and authorization servers MUST enforce their use except under the conditions...

RFC9449 appeared twice in [Appendix D. Extensions](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-12#name-extensions). To prevent similar issues from happening, I think these extensions can be sorted by their RFC serial number.

see 1.4

> Access tokens represent specific scopes and durations of access, granted by the resource owner, and enforced by the resource server and authorization server.

- separate out what...