KIT | KIT-Bibliothek | Impressum | Datenschutz

AARC-G052 OAuth 2.0 Proxied Token Introspection (AARC-G052)

Hardt, Marcus ORCID iD icon 1; Bucik, Dominik Frantisek; Jensen, Jens; Kanakarakis, Ivan; Kanellopoulos, Christos; Liampotis, Nicolas; Salle, Mischa
1 Scientific Computing Center (SCC), Karlsruher Institut für Technologie (KIT)

Abstract:

This specification extends the OAuth 2.0 Token Introspection (RFC7662) method to allow conveying meta-information about a token from an Authorization Server (AS) to the protected resource even when there is no direct trust relationship between the protected resource and the token issuer. The method defined in this specification, termed “proxied” token introspection, requires access tokens to be presented in JWT format containing the iss claim for identifying the issuer of the token. Proxied token introspection assumes that the AS which is trusted by the protected resource has established a trust relationship with the AS which has issued the token that needs to be validated.


Volltext §
DOI: 10.5445/IR/1000172568
Veröffentlicht am 17.07.2024
Cover der Publikation
Zugehörige Institution(en) am KIT Scientific Computing Center (SCC)
Publikationstyp Forschungsbericht/Preprint
Publikationsdatum 13.11.2023
Sprache Englisch
Identifikator KITopen-ID: 1000172568
HGF-Programm 46.21.02 (POF IV, LK 01) Cross-Domain ATMLs and Research Groups
Vorab online veröffentlicht am 12.11.2023
Schlagwörter AARC, AAI, IAM
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page