%% You should probably cite rfc6750 instead of this I-D. @techreport{ietf-oauth-v2-bearer-20, number = {draft-ietf-oauth-v2-bearer-20}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-oauth-v2-bearer/20/}, author = {Michael B. Jones and Dick Hardt and David Recordon}, title = {{The OAuth 2.0 Authorization Framework: Bearer Token Usage}}, pagetotal = 26, year = 2012, month = jun, day = 8, abstract = {This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the associated resources (without demonstrating possession of a cryptographic key). To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport.}, }