All,

MITRE, in support of the U.S. Government, has developed tailored OAuth 2.0 Token Exchange profiles for use in an enterprise environment. These documents build on the OAuth 2.0 profile<https://www.mitre.org/publications/technical-papers/enterprise-mission-tailored-oauth-20-and-openid-connect-profiles> MITRE released whose requirements have been incorporated into OAuth 2.1. The documents enable “identity chaining” by ensuring that the identities of the user, client, and protected resources are propagated in the issued access tokens to make appropriate access decisions.

Token and Identity Chaining between Protected Resources in a Single ICAM Ecosystem using OAuth Token Exchange<https://www.mitre.org/publications/technical-papers/token-and-identity-chaining-between-protected-resources-in-a-single-icam-ecosystem-using-oauth-token-exchange>

Token and Identity Chaining between Protected Resources in a Multiple ICAM Ecosystem using OAuth Token Exchange<https://www.mitre.org/publications/technical-papers/token-and-identity-chaining-between-protected-resources-in-a-multiple-icam-ecosystem-using-oauth-token-exchange>

Please note, we will be working with the standards bodies to move these concepts forward. These current profiles and this email should be considered as informational as we seek additional feedback from Subject Matter Experts throughout the Community. We welcome your comments and suggestions at oauthoidcprofi...@groups.mitre.org<mailto:oauthoidcprofi...@groups.mitre.org>.

Regards,

Kelley Burgin, Ph.D.
Cybersecurity Engineer
The MITRE Corporation
(571) 424 - 8642

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth