{"id":2486,"date":"2024-01-24T19:52:25","date_gmt":"2024-01-25T03:52:25","guid":{"rendered":"https:\/\/self-issued.info\/?p=2486"},"modified":"2025-05-09T06:52:34","modified_gmt":"2025-05-09T13:52:34","slug":"oauth-2-0-protected-resource-metadata-draft-addressing-all-known-issues","status":"publish","type":"post","link":"https:\/\/self-issued.info\/?p=2486","title":{"rendered":"OAuth 2.0 Protected Resource Metadata draft addressing all known issues"},"content":{"rendered":"<p><span class=\"plain\"><img decoding=\"async\" align=\"right\" alt=\"OAuth logo\" src=\"https:\/\/self-issued.info\/images\/oauth_logo_120x120.png\"><a href=\"https:\/\/twitter.com\/aaronpk\">Aaron Parecki<\/a> and I have published a draft of the &#8220;OAuth 2.0 Protected Resource Metadata&#8221; specification that addresses all the issues that we&#8217;re aware of.  In particular, the updates address the comments received during the discussions at IETF 118.  As described in the History entry for -02, the changes were:<\/p>\n<ul>\n<li>Switched from concatenating <code>.well-known<\/code> to the end of the resource identifier to inserting it between the host and path components of it.<\/li>\n<li>Have <code>WWW-Authenticate<\/code> return <code>resource_metadata<\/code> rather than <code>resource<\/code>.<\/li>\n<\/ul>\n<p>The specification is available at:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-ietf-oauth-resource-metadata-02.html\">https:\/\/www.ietf.org\/archive\/id\/draft-ietf-oauth-resource-metadata-02.html<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Aaron Parecki and I have published a draft of the &#8220;OAuth 2.0 Protected Resource Metadata&#8221; specification that addresses all the issues that we&#8217;re aware of. In particular, the updates address the comments received during the discussions at IETF 118. As described in the History entry for -02, the changes were: Switched from concatenating .well-known to [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32,26,25],"tags":[],"class_list":["post-2486","post","type-post","status-publish","format-standard","hentry","category-ietf","category-oauth","category-specifications"],"_links":{"self":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/2486","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2486"}],"version-history":[{"count":1,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/2486\/revisions"}],"predecessor-version":[{"id":2487,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/2486\/revisions\/2487"}],"wp:attachment":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2486"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2486"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2486"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}