%% You should probably cite rfc9200 instead of this I-D. @techreport{ietf-ace-oauth-authz-14, number = {draft-ietf-ace-oauth-authz-14}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-authz/14/}, author = {Ludwig Seitz and Göran Selander and Erik Wahlstroem and Samuel Erdtman and Hannes Tschofenig}, title = {{Authentication and Authorization for Constrained Environments (ACE) using the OAuth 2.0 Framework (ACE-OAuth)}}, pagetotal = 69, year = 2018, month = sep, day = 19, abstract = {This specification defines a framework for authentication and authorization in Internet of Things (IoT) environments called ACE- OAuth. The framework is based on a set of building blocks including OAuth 2.0 and CoAP, thus making a well-known and widely used authorization solution suitable for IoT devices. Existing specifications are used where possible, but where the constraints of IoT devices require it, extensions are added and profiles are defined.}, }