Document Name: RFC 7521
Document URI: urn:ietf:rfc:7521
Online Version:
Organization: Internet Engineering Task Force (IETF)
Series: Request for Comments (RFC)
Abstract: This specification provides a framework for the use of assertions with OAuth 2.0 in the form of a new client authentication mechanism and a new authorization grant type. Mechanisms are specified for transporting assertions during interactions with a token endpoint; general processing rules are also specified. The intent of this specification is to provide a common framework for OAuth 2.0 to interwork with other identity systems using assertions and to provide alternative client authentication mechanisms. Note that this specification only defines abstract message flows and processing rules. In order to be implementable, companion specifications are necessary to provide the corresponding concrete instantiations.

Specified Web Concepts:

OAuth Parameters

assertion , client_assertion , client_assertion_type

Return to ( Series | Organization | all Specifications )