%% You should probably cite draft-ietf-oauth-incremental-authz-04 instead of this revision. @techreport{ietf-oauth-incremental-authz-02, number = {draft-ietf-oauth-incremental-authz-02}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-oauth-incremental-authz/02/}, author = {William Denniss}, title = {{OAuth 2.0 Incremental Authorization}}, pagetotal = 9, year = 2019, month = may, day = 3, abstract = {OAuth 2.0 authorization requests that include every scope the client might ever need can result in over-scoped authorization and a sub- optimal end-user consent experience. This specification enhances the OAuth 2.0 authorization protocol by adding incremental authorization, the ability to request specific authorization scopes as needed, when they're needed, removing the requirement to request every possible scope that might be needed upfront.}, }