Skip to main content

The Grant Negotiation and Authorization Protocol

Document Type Expired Internet-Draft (individual)
Author Dick Hardt
Last updated 2021-02-16 (Latest revision 2020-08-15)
Stream (None)
Intended RFC status (None)
Expired & archived
plain text html xml htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:


Client software often desires resources or identity claims that are independent of the client. This protocol allows a user and/or resource owner to delegate resource authorization and/or release of identity claims to a server. Client software can then request access to resources and/or identity claims by calling the server. The server acquires consent and authorization from the user and/or resource owner if required, and then returns to the client software the authorization and identity claims that were approved. This protocol may be extended on many dimensions.


Dick Hardt

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)