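% IETF Internet-Draft, revision 14 of draft-ietf-oauth-identity-chaining.
% The entry is marked "Work in Progress" and the url pins this exact revision;
% Internet-Drafts can be revised or replaced, so protocol details cited from it
% (token exchange, JWT authorization grant, cross-domain chaining) should be
% re-checked against the current revision before being relied on.
% Names are stored in "Last, First" form and only the acronym in the title is
% brace-protected, so the bibliography style can apply its own casing.
% "publisher", "pagetotal", "day" and "abstract" are ignored by classic
% techreport styles and are kept for tools that read them.
@techreport{ietf-oauth-identity-chaining-14,
  author      = {Schwenkschuster, Arndt and Kasselman, Pieter and Burgin, Kelley and Jenkins, Michael J. and Campbell, Brian and Parecki, Aaron},
  title       = {{OAuth} Identity and Authorization Chaining Across Domains},
  type        = {Internet-Draft},
  number      = {draft-ietf-oauth-identity-chaining-14},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2026,
  month       = jun,
  day         = 2,
  pagetotal   = 29,
  note        = {Work in Progress},
  url         = {https://datatracker.ietf.org/doc/draft-ietf-oauth-identity-chaining/14/},
  abstract    = {This specification describes a mechanism for preserving identity and authorization information across trust domains that use the OAuth 2.0 Framework. A JSON Web Token (JWT) authorization grant, obtained through an intra-domain OAuth 2.0 Token Exchange, facilitates the cross-domain acquisition of an access token. The relevant identity and authorization information is chained throughout the flow by being conveyed in the respective artifacts exchanged at each step of the process. Chaining across multiple domains is achieved by using the same protocol every time a trust domain boundary is crossed.},
}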