External

• https://oauth.net/2/
• https://en.wikipedia.org/wiki/OAuth
• RFC 6749 - The OAuth 2.0 Authorization Framework https://tools.ietf.org/html/rfc6749
• RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage https://tools.ietf.org/html/rfc6750
• RFC 6819 - OAuth 2.0 Threat Model and Security Considerations https://tools.ietf.org/html/rfc6819
• RFC 7521 - Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants https://tools.ietf.org/html/rfc7521
• RFC 7522 - Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants https://tools.ietf.org/html/rfc7522
• RFC 7523 - JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grantshttps://tools.ietf.org/html/rfc7523
• RFC 7628 - A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth https://tools.ietf.org/html/rfc7628

Internal

• Security Concepts
• OpenID Connect
• JWT
• JOSE

Overview

OAuth is an open standard for authorization.

Implementations

https://oauth.net/code/