Draft 16 of the OAuth 2.0 Bearer Token Specification has been published. This version contains a proposed resolution to the auth-param syntax issue that has been reviewed by Julian Reschke, Mark Nottingham, and the OAuth WG chairs. It also addresses the Gen-ART review comments by Alexey Melnikov.
It contains the following changes:
- Use the HTTPbis auth-param syntax for Bearer challenge attributes.
- Dropped the sentence “The realm value is intended for programmatic use and is not meant to be displayed to end users”.
- Reordered form-encoded body parameter description bullets for better readability.
- Added [USASCII] reference.
The draft is available at:
An HTML-formatted version is available at: