The OAuth 2.1 Authorization Framework
This is an older version of an Internet-Draft whose latest revision state is "Active".
Expired & archived
|Authors||Dick Hardt , Aaron Parecki , Torsten Lodderstedt|
|Last updated||2021-01-31 (Latest revision 2020-07-30)|
|RFC stream||Internet Engineering Task Force (IETF)|
|Additional resources||Mailing list discussion|
|Stream||WG state||WG Document|
|Associated WG milestone||
|Send notices to||(None)|
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
The OAuth 2.1 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf. This specification replaces and obsoletes the OAuth 2.0 Authorization Framework described in RFC 6749.
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)