{"id":508,"date":"2011-05-21T14:59:08","date_gmt":"2011-05-21T21:59:08","guid":{"rendered":"https:\/\/self-issued.info\/?p=508"},"modified":"2011-05-21T14:59:08","modified_gmt":"2011-05-21T21:59:08","slug":"oauth-2-0-bearer-token-specification-draft-05","status":"publish","type":"post","link":"https:\/\/self-issued.info\/?p=508","title":{"rendered":"OAuth 2.0 Bearer Token Specification draft -05"},"content":{"rendered":"<p><span class=\"plain\"><img decoding=\"async\" align=\"right\" src=\"https:\/\/self-issued.info\/images\/oauth_logo_120x120.png\" alt=\"OAuth logo\" \/><\/span>In preparation for the OAuth working group meeting on Monday, I&#8217;ve published <a href=\"https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer-05.html\">draft 05<\/a> of the <a href=\"https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer.html\">OAuth Bearer Token Specification<\/a>, incorporating input received from the OAuth design team.  The changes in this draft are:<\/p>\n<ul>\n<li>Removed OAuth Errors Registry, per design team input. <\/li>\n<li>Changed HTTP status code for invalid_request error code from HTTP 400 (Bad Request) to HTTP 401 (Unauthorized) to match HTTP usage [[ change pending working group consensus ]].<\/li>\n<li>Added missing quotation marks in error-uri definition. <\/li>\n<li>Added note to add language and encoding information to error_description if the core specification does.<\/li>\n<li>Explicitly reference the Augmented Backus-Naur Form (ABNF) defined in [RFC5234].<\/li>\n<li>Use auth-param instead of repeating its definition, which is ( token &#8220;=&#8221; ( token \/ quoted-string ) ).<\/li>\n<li>Clarify security considerations about including an audience restriction in the token and include a recommendation to issue scoped bearer tokens in the summary of recommendations.<\/li>\n<\/ul>\n<p>The draft is available at these locations:<\/p>\n<ul>\n<li><a href=\"http:\/\/www.ietf.org\/internet-drafts\/draft-ietf-oauth-v2-bearer-05.pdf\">http:\/\/www.ietf.org\/internet-drafts\/draft-ietf-oauth-v2-bearer-05.pdf<\/a><\/li>\n<li><a href=\"http:\/\/www.ietf.org\/internet-drafts\/draft-ietf-oauth-v2-bearer-05.txt\">http:\/\/www.ietf.org\/internet-drafts\/draft-ietf-oauth-v2-bearer-05.txt<\/a><\/li>\n<li><a href=\"http:\/\/www.ietf.org\/internet-drafts\/draft-ietf-oauth-v2-bearer-05.xml\">http:\/\/www.ietf.org\/internet-drafts\/draft-ietf-oauth-v2-bearer-05.xml<\/a><\/li>\n<li><a href=\"https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer-05.html\">https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer-05.html<\/a><\/li>\n<li><a href=\"https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer-05.pdf\">https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer-05.pdf<\/a><\/li>\n<li><a href=\"https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer-05.txt\">https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer-05.txt<\/a><\/li>\n<li><a href=\"https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer-05.xml\">https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer-05.xml<\/a><\/li>\n<li><a href=\"https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer.html\">https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer.html<\/a> (will point to new versions as they are posted)<\/li>\n<li><a href=\"https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer.pdf\">https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer.pdf<\/a> (will point to new versions as they are posted)<\/li>\n<li><a href=\"https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer.txt\">https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer.txt<\/a> (will point to new versions as they are posted)<\/li>\n<li><a href=\"https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer.xml\">https:\/\/self-issued.info\/docs\/draft-ietf-oauth-v2-bearer.xml<\/a> (will point to new versions as they are posted)<\/li>\n<li><a href=\"http:\/\/svn.openid.net\/repos\/specifications\/oauth\/2.0\/\">http:\/\/svn.openid.net\/repos\/specifications\/oauth\/2.0\/<\/a> (Subversion repository, with html, pdf, txt, and html versions available)<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>In preparation for the OAuth working group meeting on Monday, I&#8217;ve published draft 05 of the OAuth Bearer Token Specification, incorporating input received from the OAuth design team. The changes in this draft are: Removed OAuth Errors Registry, per design team input. Changed HTTP status code for invalid_request error code from HTTP 400 (Bad Request) [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26,25],"tags":[],"class_list":["post-508","post","type-post","status-publish","format-standard","hentry","category-oauth","category-specifications"],"_links":{"self":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/508","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=508"}],"version-history":[{"count":4,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/508\/revisions"}],"predecessor-version":[{"id":512,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/508\/revisions\/512"}],"wp:attachment":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=508"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=508"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=508"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}