Skip to main content

Grant Negotiation and Authorization Protocol

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: The IESG <>,,,,,,
Subject: Protocol Action: 'Grant Negotiation and Authorization Protocol' to Proposed Standard (draft-ietf-gnap-core-protocol-19.txt)

The IESG has approved the following document:
- 'Grant Negotiation and Authorization Protocol'
  (draft-ietf-gnap-core-protocol-19.txt) as Proposed Standard

This document is the product of the Grant Negotiation and Authorization
Protocol Working Group.

The IESG contact persons are Paul Wouters and Roman Danyliw.

A URL of this Internet-Draft is:

Ballot Text

Technical Summary

   GNAP defines a mechanism for delegating authorization to a piece of
   software, and conveying the results and artifacts of that delegation
   to the software.  This delegation can include access to a set of APIs
   as well as subject information passed directly to the software.

Working Group Summary

There was WG consensus to publish.

Document Quality

There are a number of implementations that informed the development of this document:

* GNAP Authorization Service in Rust implementation by David Skyberg. Prototype implementation of AS and client in Rust. MIT license.

* GNAP JS Client from Interop Alliance, implementation by Dmitri Zagidulin. Prototype implementation of client in JavaScript. MIT License.

* Rafiki from Interledger Foundation. Production implementation of AS in JavaScript. Apache 2.0 license.

* Sample GNAP Client in PHP implementation by Aaron Parecki. Prototype implementation of web application client and CLI client in PHP, with common support library. CC0 license.

* SUNET Auth Server from SUNET. Production implementation of AS in Python. BSD license.

* Trustbloc from Gen Digital. Production implementation of AS and client in Go. Apache 2.0 license.

* Verified.ME from SecureKey. Production implementation of AS, client and RS. Proprietary license.

* XYZ from Bespoke Engineering, implementation by Justin Richer. Advanced prototype implementation of AS, client, and RS in Java, with common support library. Prototype implementation of SPA client in JavaScript. Apache 2.0 license.


The Document Shepherd for this document is Yaron Sheffer. 

The Responsible Area Director is Roman Danyliw.

RFC Editor Note