{"draft":"draft-ietf-oauth-assertions-18","doc_id":"RFC7521","title":"Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants","authors":["B. Campbell","C. Mortimore","M. Jones","Y. Goland"],"format":["ASCII","HTML"],"page_count":"20","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Web Authorization Protocol","abstract":"This specification provides a framework for the use of assertions\r\nwith OAuth 2.0 in the form of a new client authentication mechanism\r\nand a new authorization grant type.  Mechanisms are specified for\r\ntransporting assertions during interactions with a token endpoint;\r\ngeneral processing rules are also specified.\r\n\r\nThe intent of this specification is to provide a common framework for\r\nOAuth 2.0 to interwork with other identity systems using assertions\r\nand to provide alternative client authentication mechanisms.\r\n\r\nNote that this specification only defines abstract message flows and\r\nprocessing rules.  In order to be implementable, companion\r\nspecifications are necessary to provide the corresponding concrete\r\ninstantiations.","pub_date":"May 2015","keywords":["OAuth","SAML","JWT","Assertion"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC7521","errata_url":null}