{"id":1389,"date":"2015-05-19T16:56:27","date_gmt":"2015-05-19T23:56:27","guid":{"rendered":"https:\/\/self-issued.info\/?p=1389"},"modified":"2015-05-19T16:56:27","modified_gmt":"2015-05-19T23:56:27","slug":"the-oauth-assertions-specs-are-now-rfcs","status":"publish","type":"post","link":"https:\/\/self-issued.info\/?p=1389","title":{"rendered":"The OAuth Assertions specs are now RFCs!"},"content":{"rendered":"<p><span class=\"plain\"><img decoding=\"async\" align=\"right\" src=\"https:\/\/self-issued.info\/images\/oauth_logo_120x120.png\" alt=\"OAuth logo\" \/><\/span>The OAuth Assertions specifications are now standards &#8212; IETF RFCs.  They are:<\/p>\n<ul>\n<li><a href=\"http:\/\/www.rfc-editor.org\/info\/rfc7521\">RFC 7521<\/a>:  Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants<\/li>\n<li><a href=\"http:\/\/www.rfc-editor.org\/info\/rfc7522\">RFC 7522<\/a>:  Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants<\/li>\n<li><a href=\"http:\/\/www.rfc-editor.org\/info\/rfc7523\">RFC 7523<\/a>:  JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants<\/li>\n<\/ul>\n<p>This completes the nearly 5 year journey to create standards for using security tokens as OAuth 2.0 authorization grants and for OAuth 2.0 client authentication.  Like the <a href=\"https:\/\/self-issued.info\/?p=1387\">JWT and JOSE specs that are now also RFCs<\/a>, these specifications have been in widespread use for a number of years, enabling claims-based use of OAuth 2.0.  My personal thanks to <a href=\"https:\/\/twitter.com\/__b_c\">Brian Campbell<\/a> and <a href=\"https:\/\/twitter.com\/cmort\">Chuck Mortimore<\/a> for getting the ball rolling on this and seeing it through to completion, to <a href=\"http:\/\/www.goland.org\/\">Yaron Goland<\/a> for helping us generalize what started as a SAML-only authorization-grant-only spec to a framework also supporting client authentication and JWTs, and to the <a href=\"http:\/\/datatracker.ietf.org\/wg\/oauth\/charter\/\">OAuth working group<\/a> members, chairs, area directors, and IETF members who contributed to these useful specifications.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The OAuth Assertions specifications are now standards &#8212; IETF RFCs. They are: RFC 7521: Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants RFC 7522: Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants RFC 7523: JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,28,27,26,25],"tags":[],"class_list":["post-1389","post","type-post","status-publish","format-standard","hentry","category-claims","category-cryptography","category-json","category-oauth","category-specifications"],"_links":{"self":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/1389","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1389"}],"version-history":[{"count":1,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/1389\/revisions"}],"predecessor-version":[{"id":1390,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/1389\/revisions\/1390"}],"wp:attachment":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1389"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1389"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1389"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}