Re: [OAUTH-WG] OAuth 2.0 Authorization Server Metadata is now RFC 8414

Thu, 28 Jun 2018 17:01:40 -0700 

Congratulations!

> Am 28.06.2018 um 18:15 schrieb William Denniss 
> <wdenniss=40google....@dmarc.ietf.org>:
> 
> Congratulations!
> 
> Really glad that we have an RFC specifying how servers should provide their 
> configuration data in machine readable form. Helps with developer experience 
> (less manual configuration), as well as mitigating mix-up attacks (better 
> association of related endpoints), amongst other benefits.
> 
> I'm happy to say that the AppAuth clients support RFC 8414, through discovery 
> methods that take a complete URL, in addition to the issuer-based ones 
> designed for OIDC usage.
> 
> 
>> On Thu, Jun 28, 2018 at 3:54 PM, Mike Jones 
>> <Michael.Jones=40microsoft....@dmarc.ietf.org> wrote:
>> The OAuth 2.0 Authorization Server Metadata specification is now RFC 8414..  
>> The abstract describes the specification as:
>> 
>>  
>> 
>> This specification defines a metadata format that an OAuth 2.0 client can 
>> use to obtain the information needed to interact with an OAuth 2.0 
>> authorization server, including its endpoint locations and authorization 
>> server capabilities.
>> 
>>  
>> 
>> The specification defines a JSON metadata representation for OAuth 2.0 
>> authorization servers that is compatible with OpenID Connect Discovery 1.0.  
>> This specification is a true instance of standardizing existing practice.  
>> OAuth 2.0 deployments have been using the OpenID Connect metadata format to 
>> describe their endpoints and capabilities for years.  This RFC makes this 
>> existing practice a standard.
>> 
>>  
>> 
>> Having a standard OAuth metadata format makes it easier for OAuth clients to 
>> configure connections to OAuth authorization servers.  See 
>> https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#authorization-server-metadata
>>  for the initial set of registered metadata values.
>> 
>>  
>> 
>> Thanks to all of you who helped make this standard a reality!
>> 
>>  
>> 
>>                                                        -- Mike
>> 
>>  
>> 
>> P.S.  This announcement was also posted at http://self-issued.info/?p=1883 
>> and as @selfissued.
>> 
>>  
>> 
>> 
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>> 
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to