Managing authorization grants beyond OAuth 2

The Grant Negotiation and Authorization Protocol, also known as GNAP, is currently being formulated in an IETF working group. GNAP gives the opportunity to reflect on the strengths and weaknesses of OAuth 2, and highlights the new directions to improve digital access. We compare with the approach taken by OAuth 2 and show that designing authorization servers primarily as “token issuers” provides insightful consequences for security and privacy.

Imbault, Fabien; Richer, Justin; Parecki, Aaron (2021): Managing authorization grants beyond OAuth 2. Open Identity Summit 2021. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-706-7. pp. 193-198. Short Paper. Copenhagen, Denmark. 01.-02. June 2021

Schlagwörter

authorization protocol , OAuth 2 , GNAP

Sammlungen

P312 - Open Identity Summit 2021

Komplettanzeige

Managing authorization grants beyond OAuth 2

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen