NewsNews

NewsRSS

Curity propose enhancements to OAuth 2.0

Curity propose enhancements to OAuth 2.0

Curity have submitted a draft RFC, The OAuth 2.0 Authorization Framework: Claims.

In the RFC, we propose an extension of OAuth 2.0 to include the claims concept from OpenID Connect, which we believe would strengthen the OAuth framework.

This mechanism could be used both during the authorization and refresh request, it also defines a response parameter of the token and introspection endpoints that indicates to the caller which claims were authorized by the resource owner.

You can view the draft RFC here.

Travis Spencer, identity specialist and CEO of Curity, will be at the IEFT 106 meeting in Singapore 16-22 November to present and discuss the RFC.

Back to news

Next steps

Start Today

Ready to modernize IAM? Build security and improve ease of use to stay ahead of the competition.

Free trial icon representing Start a free trial

Start a Free Trial

Calendar icon representing Schedule a demo

Schedule a demo

User with a computer icon representing Speak to an Identity Specialist

Speak to an Identity Specialist

Book icon representing Explore learning resources

Explore learning resources