%% You should probably cite rfc6750 instead of this I-D. @techreport{ietf-oauth-v2-bearer-23, number = {draft-ietf-oauth-v2-bearer-23}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/23/}, author = {Michael B. Jones and Dick Hardt}, title = {{The OAuth 2.0 Authorization Framework: Bearer Token Usage}}, pagetotal = 18, year = 2012, month = aug, day = 1, abstract = {This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the associated resources (without demonstrating possession of a cryptographic key). To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport. {[}STANDARDS-TRACK{]}}, }