{"draft":"draft-ietf-oauth-v2-bearer-23","doc_id":"RFC6750","title":"The OAuth 2.0 Authorization Framework: Bearer Token Usage","authors":["M. Jones","D. Hardt"],"format":["ASCII","HTML"],"page_count":"18","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Web Authorization Protocol","abstract":"This specification describes how to use bearer tokens in HTTP\r\nrequests to access OAuth 2.0 protected resources.  Any party in\r\npossession of a bearer token (a \"bearer\") can use it to get access to\r\nthe associated resources (without demonstrating possession of a\r\ncryptographic key).  To prevent misuse, bearer tokens need to be\r\nprotected from disclosure in storage and in transport.  \r\n[STANDARDS-TRACK]","pub_date":"October 2012","keywords":["[--------]","Client","Resource Owner","Authorization Server","Resource Server","\u00c2\u00a0Token Endpoint","Authorization Endpoint","Authorization Request","\u00c2\u00a0Authorization Grant","Protected Resource","Access Token","Refresh\u00c2\u00a0Token","Authorization Code","Implicit Grant","Client Identifier","\u00c2\u00a0Access Token Scope","Bearer Authorization Header","Bearer Access\u00c2\u00a0Token Type"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":["RFC8996"],"see_also":[],"doi":"10.17487\/RFC6750","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc6750"}