{"id":1276,"date":"2014-08-21T16:06:10","date_gmt":"2014-08-21T23:06:10","guid":{"rendered":"https:\/\/self-issued.info\/?p=1276"},"modified":"2014-08-21T16:06:10","modified_gmt":"2014-08-21T23:06:10","slug":"working-group-draft-for-oauth-2-0-act-as-and-on-behalf-of","status":"publish","type":"post","link":"https:\/\/self-issued.info\/?p=1276","title":{"rendered":"Working Group Draft for OAuth 2.0 Act-As and On-Behalf-Of"},"content":{"rendered":"

\"OAuth<\/span>There’s now an OAuth working group draft of the OAuth 2.0 Token Exchange specification, which provides Act-As and On-Behalf-Of functionality for OAuth 2.0. This functionality is deliberately modelled on the same functionality present in WS-Trust.<\/p>\n

Here’s a summary of the two concepts in a nutshell: Act-As<\/strong> indicates that the requestor wants a token that contains claims about two distinct entities<\/em>: the requestor and an external entity represented by the token in the act_as<\/code> parameter. On-Behalf-Of<\/strong> indicates that the requestor wants a token that contains claims only about one entity<\/em>: the external entity represented by the token in the on_behalf_of<\/code> parameter.<\/p>\n

This draft is identical to the previously announced token exchange draft<\/a>, other than that is a working group document, rather than an individual submission.<\/p>\n

This specification is available at:<\/p>\n