@techreport{ietf-oauth-first-party-apps-04, number = {draft-ietf-oauth-first-party-apps-04}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-oauth-first-party-apps/04/}, author = {Aaron Parecki and George Fletcher and Pieter Kasselman}, title = {{OAuth 2.0 for First-Party Applications}}, pagetotal = 41, year = 2026, month = jul, day = 1, abstract = {This document defines the Authorization Challenge Endpoint, which supports clients that want to control the process of obtaining authorization from the user using a native experience. In many cases, this can provide an entirely browserless OAuth 2.0 experience suited for native applications, only delegating to the browser in unexpected, high-risk, or error conditions.}, }