%% You should probably cite draft-ietf-oauth-v2-1-10 instead of this revision.
@techreport{ietf-oauth-v2-1-08,
    number =    {draft-ietf-oauth-v2-1-08},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-oauth-v2-1/08/},
    author =    {Dick Hardt and Aaron Parecki and Torsten Lodderstedt},
    title =     {{The OAuth 2.1 Authorization Framework}},
    pagetotal = 88,
    year =      2023,
    month =     mar,
    day =       13,
    abstract =  {The OAuth 2.1 authorization framework enables an application to obtain limited access to a protected resource, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and an authorization service, or by allowing the application to obtain access on its own behalf. This specification replaces and obsoletes the OAuth 2.0 Authorization Framework described in RFC 6749 and the Bearer Token Usage in RFC 6750.},
}