RFC 6749: The OAuth 2.0 Authorization Framework

Tags

Top Highlights

• resource owner

• protected

• rameter":"example_value" }

• The authorization server may be the same server as the resource server

• BSD License

• Internet Engineering Steering Group (IESG)

• authorization framework

• enables

• a third-party application to obtain limited access to an HTTP service

• Internet Engineering Task Force (IETF)

• traditional client-server authentication model

• client

• server

• resource owner's credentials

• third-party applications access

• problems and limitations

• overly

• OAuth

• Instead of using the resource owner's credentials to access protected resources

• authorization server