One document matched: draft-wmills-oauth-lrdd-06.xml
<?xml version="1.0"?>
<!DOCTYPE rfc SYSTEM 'rfc2629.dtd'>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<?rfc toc="yes"?>
<?rfc symrefs="yes"?>
<?rfc compact="no" ?>
<?rfc sortrefs="yes" ?>
<?rfc strict="yes" ?>
<?rfc linkmailto="yes" ?>
<rfc ipr="trust200902" docName="draft-wmills-oauth-lrdd-06.txt" category="info">
<front>
<title abbrev="Link Type Registrations for OAuth 2">Link Type Registrations for OAuth 2</title>
<author fullname="William J. Mills" initials="W." surname="Mills">
<organization>Yahoo! Inc.</organization>
<address>
<postal>
<street/>
<city/>
<code/>
<region/>
<country/>
</postal>
<phone/>
<email>wmills_92105@yahoo.com</email>
</address>
</author>
<date year="2012"/>
<workgroup>Individual</workgroup>
<abstract>
<t>
Defines link type registrations for the OAuth 2
authentication framework and OAuth 1.0a.
</t>
</abstract>
</front>
<middle>
<!-- ******************************************************************** -->
<section title="Introduction">
<t>This document defines the link type <xref target="RFC5988"/> registrations for the
OAuth 2 <xref target="I-D.ietf-oauth-v2"/> authentication framework and
for OAuth 1.0a <xref target="RFC5849"/>.
These link types are used during the endpoint discovery process using Web Host Metadata
<xref target="RFC6415"/> and Webfinger <xref target="I-D.ietf-appsawg-webfinger"/>
by clients needing to discover the authorization, token, and initiation endpoints for a service or site.
</t>
</section>
<!-- ******************************************************************** -->
<section anchor="terminology" title="Terminology">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in
<xref target="RFC2119"/>.</t>
<t>The reader is assumed to be familiar with the terms used in the OAuth 2
and OAuth 1.0a specifcations.</t>
</section>
<!-- ******************************************************************** -->
<section title="OAuth 2 Link Types">
<t>OAuth 2 <xref target="I-D.ietf-oauth-v2"/> defines two endpoints which
a site or domain might need to advertize via a mechanism such as Webfinger
<xref target="I-D.ietf-appsawg-webfinger"/>. These are the user authorization
endpoint (usually expected to be a web page the user interacts with) and the
token endpoint used for obtaining tokens used to access protected resources.
These are described in detail in the OAuth 2 specification.
</t>
<section title="OAuth 2 Authorization Endpoint">
<t>
This link type indicates an OAuth 2 authorization endpoint
to be used for user authentication/authorization to grant access to
a protected resource.
</t>
</section>
<section title="OAuth 2 Token Endpoint">
<t>
The OAuth 2 token endpoint to be used for obtaining tokens
to access protected services. This link type has two link-extensions:
<list><t>
<list style="hanging">
<t hangText="grant-types:">A space separated list of OAuth 2 grant
types (see section 4 of <xref target="I-D.ietf-oauth-v2"/>) that can be
used at the token endpoint
to obtain a token. This is not an exclusive list, it provides a hint
to the application of what SHOULD be valid. A token endpoint MAY support
additional grant types not advertised by a discovery service. The client
MAY use this to determine the grant types available for use.
</t>
<t hangText="token-types:">A space separated list of OAuth 2 token types
(see section 7.1 of <xref target="I-D.ietf-oauth-v2"/>)
that may be issued by the token endpoint. It is possible for a token endpoint
to issue multiple tokens, and types may vary based on scope or other factors.
This is not an exclusive list, it provides a hint
to the application of what SHOULD be valid, and it MAY be used by a client
to determine if the client supports one or more of the token type(s) available.
</t>
</list>
</t></list>
</t>
</section>
</section>
<section title="OAuth 1.0a Link Types">
<t>
The OAuth 1.0a <xref target="RFC5849"/> protocol defines three endpoints that a site
supporting OAuth 1.0a might advertize via a mechanism like Webfinger: the request
initiation endpoint, the authorization endpoint, and the token endpoint.
These are descibed in detail in the OAuth 1.0a specification.
</t>
<section title="OAuth 1.0a Request Initiation Endpoint">
<t>
The OAuth 1.0a endpoint used to initiate the sequence, this short lived
request is what the user approves to grant access to the resource.
</t>
</section>
<section title="OAuth 1.0a Authorization Endpoint">
<t>
The OAuth 1.0a authorization endpoint used to approve an access request. This
is expected to be a user facing web interface.
</t>
</section>
<section title="OAuth 1.0a Token Endpoint">
<t>
The OAuth 1.0a token API endpoint used to exchange an approved access request
for a token, used by the client once the resource owner has approved the
access request.
</t>
</section>
</section>
<section title="Security Considerations">
<t> This document is informational, defining values in existing registries, and as such
has no security properties to discuss.
</t>
</section>
<!-- ******************************************************************** -->
<section title="IANA Considerations">
<section title="Link Type Registration">
<t> Pursuant to <xref target="RFC5988"/> The following link type registrations
[[will be]] registered by mail to link-relations@ietf.org.
</t>
<section title="OAuth 2 Authorization Endpoint">
<t>
<list style='symbols'>
<t>
Relation Name: oauth2-authorize
</t>
<t>
Description: An OAuth 2 authorization endpoint to be used for user
authentication/authorization to grant access to a protected resource.
</t>
<t>
Reference: Section 3.1 of [[This Document]]
</t>
<t>
Notes:
</t>
<t>
Application Data: N/A
</t>
</list>
</t>
</section>
<section title="OAuth 2 Token Endpoint">
<t>
<list style='symbols'>
<t>Relation Name: oauth2-token</t>
<t>
Description: The OAuth 2 token endpoint to be used for obtaining tokens
use to access a protected resource.
</t>
<t>
Reference: Section 3.2 of [[This Document]]
</t>
<t>
Notes: This link type has two link extension parameters: "grant-types" and
"token-types".
</t>
<t>
Application Data: N/A
</t>
</list>
</t>
</section>
<section title="OAuth 1.0a Request Initiation Endpoint">
<t>
<list style='symbols'>
<t>Relation Name: oauth-initiate</t>
<t>
Description: The OAuth 1.0a request initiation endpoint used to get an access request.
</t>
<t>Reference: Section 4.1 of [[This Document]]</t>
<t>
Notes:
</t>
<t>Application Data: N/A</t>
</list>
</t>
</section>
<section title="OAuth 1.0a Authorization Endpoint">
<t>
<list style='symbols'>
<t>Relation Name: oauth-authorize</t>
<t>
Description: The OAuth 1.0a authorization endpoint used to approve an access request.
</t>
<t>Reference: Section 4.2 of [[This Document]]</t>
<t>
Notes:
</t>
<t>Application Data: N/A</t>
</list>
</t>
</section>
<section title="OAuth 1.0a Token Endpoint">
<t>
<list style='symbols'>
<t>Relation Name: oauth-token</t>
<t>
Description: The OAuth 1.0a token API endpoint used to exchange an approved access request
for a token, used by the client once the resource owner has approved the
access request.
</t>
<t>Reference: Section 4.3 of [[This Document]]</t>
<t>
Notes:
</t>
<t>Application Data: N/A</t>
</list>
</t>
</section>
</section>
</section>
<!-- ******************************************************************** -->
<!-- ******************************************************************** -->
</middle>
<back>
<references title="Normative References">
<?rfc include='http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml' ?>
<?rfc include='http://xml.resource.org/public/rfc/bibxml/reference.RFC.5849.xml' ?>
<?rfc include='http://xml.resource.org/public/rfc/bibxml/reference.RFC.5988.xml' ?>
<?rfc include='http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-oauth-v2.xml' ?>
</references>
<references title="Informative References">
<?rfc include='http://xml.resource.org/public/rfc/bibxml/reference.RFC.6415.xml' ?>
<?rfc include='http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-appsawg-webfinger.xml' ?>
</references>
<section title='Document History'>
<t>
[[ to be removed by RFC editor before publication as an RFC ]]
</t>
<t>
-06
</t>
<t>
<list style='symbols'>
<t>
Restructured the link extensions dscription into the prose, simplifying the IANA section.
</t>
</list>
</t>
<t>
-05
</t>
<t>
<list style='symbols'>
<t>
Changed the references to [[this document]] in the IANA parts.
</t>
<t>
Added a small ammount of text.
</t>
</list>
</t>
<t>
-04
</t>
<t>
<list style='symbols'>
<t>
Fixed the title.
</t>
<t>
Removed the examples.
</t>
</list>
</t>
<t>
-03
</t>
<t>
<list style='symbols'>
<t>
Corrected more typos and fixed the XRD for the examples, and small changes in the prose.
</t>
</list>
</t>
<t>
-02
</t>
<t>
<list style='symbols'>
<t>
Corrected typos. Added and example.
</t>
</list>
</t>
<t>
-01
</t>
<t>
<list style='symbols'>
<t>
Editorial changes, corrected authenticate to authrorize is most places, and added examples.
</t>
</list>
</t>
<t>
-00
</t>
<t>
<list style='symbols'>
<t>
Initial revision
</t>
</list>
</t>
</section>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-23 20:42:42 |