OAuth 2.0: Difference between revisions
Jump to navigation
Jump to search
| (13 intermediate revisions by the same user not shown) | |||
| Line 6: | Line 6: | ||
* RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage https://tools.ietf.org/html/rfc6750 | * RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage https://tools.ietf.org/html/rfc6750 | ||
* RFC 6819 - OAuth 2.0 Threat Model and Security Considerations https://tools.ietf.org/html/rfc6819 | * RFC 6819 - OAuth 2.0 Threat Model and Security Considerations https://tools.ietf.org/html/rfc6819 | ||
* RFC 7009 - OAuth 2.0 Token Revocation https://tools.ietf.org/html/rfc7009 | |||
* RFC 7519 - JSON Web Token (JWT) https://tools.ietf.org/html/rfc7519 | |||
* RFC 7521 - Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants https://tools.ietf.org/html/rfc7521 | |||
* RFC 7522 - Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants https://tools.ietf.org/html/rfc7522 | |||
* RFC 7523 - JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grantshttps://tools.ietf.org/html/rfc7523 | |||
* RFC 7591 - OAuth 2.0 Dynamic Client Registration Protocol https://tools.ietf.org/html/rfc7591 | |||
* RFC 7628 - A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth https://tools.ietf.org/html/rfc7628 | * RFC 7628 - A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth https://tools.ietf.org/html/rfc7628 | ||
* RFC 7662 - OAuth 2.0 Token Introspection https://tools.ietf.org/html/rfc7662 | |||
* OAuth support in OpenShift https://docs.openshift.com/container-platform/latest/architecture/additional_concepts/authentication.html#oauth | |||
* https://www.infoq.com/presentations/oauth2-microservices-security | |||
=Internal= | =Internal= | ||
* [[Security_Concepts#Security_Protocols|Security Concepts]] | |||
* [[OpenID Connect]] | * [[OpenID Connect]] | ||
* [[JWT]] | * [[JWT]] | ||
* [[JOSE]] | * [[JOSE]] | ||
* [[SASL]] | |||
=Overview= | =Overview= | ||
OAuth is an open standard for authorization. | OAuth is an open standard for authorization. | ||
=Implementations= | |||
{{External|https://oauth.net/code/}} | |||
=Subjects= | |||
* [[OAuth 2.0 Concepts|OAuth 2.0 Concepts]] | |||
* [[Google OAuth 2.0]] | |||
Latest revision as of 21:38, 16 May 2019
External
- https://oauth.net/2/
- https://en.wikipedia.org/wiki/OAuth
- RFC 6749 - The OAuth 2.0 Authorization Framework https://tools.ietf.org/html/rfc6749
- RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage https://tools.ietf.org/html/rfc6750
- RFC 6819 - OAuth 2.0 Threat Model and Security Considerations https://tools.ietf.org/html/rfc6819
- RFC 7009 - OAuth 2.0 Token Revocation https://tools.ietf.org/html/rfc7009
- RFC 7519 - JSON Web Token (JWT) https://tools.ietf.org/html/rfc7519
- RFC 7521 - Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants https://tools.ietf.org/html/rfc7521
- RFC 7522 - Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants https://tools.ietf.org/html/rfc7522
- RFC 7523 - JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grantshttps://tools.ietf.org/html/rfc7523
- RFC 7591 - OAuth 2.0 Dynamic Client Registration Protocol https://tools.ietf.org/html/rfc7591
- RFC 7628 - A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth https://tools.ietf.org/html/rfc7628
- RFC 7662 - OAuth 2.0 Token Introspection https://tools.ietf.org/html/rfc7662
- OAuth support in OpenShift https://docs.openshift.com/container-platform/latest/architecture/additional_concepts/authentication.html#oauth
- https://www.infoq.com/presentations/oauth2-microservices-security
Internal
Overview
OAuth is an open standard for authorization.