OAuth 2.0 for Native Apps
draft-wdenniss-oauth-native-apps-00
The information below is for an old version of the document.
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Replaced".
Expired & archived
|
|
|---|---|---|---|
| Authors | William Denniss , John Bradley | ||
| Last updated | 2016-01-23 (Latest revision 2015-07-22) | ||
| Replaced by | draft-ietf-oauth-native-apps, RFC 8252 | ||
| RFC stream | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
OAuth 2.0 authorization requests from native apps should only be made through external user-agents such as the system browser. This specification details the security and usability reasons why this is the case, and how native apps and authorization servers can implement this best practice.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)