OAuth 2.0 Pushed Authorization Requests
GPTKB entity
Statements (45)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
OAuth 2.0 extension
|
| gptkbp:abbreviation |
gptkb:PAR
|
| gptkbp:author |
gptkb:Daniel_Fett
gptkb:Brian_Campbell gptkb:Vittorio_Bertocci |
| gptkbp:benefit |
prevents leaking of sensitive data in browser history
enables sender-constrained tokens prevents parameter manipulation by end-user |
| gptkbp:category |
gptkb:International_Standard
Web security Authentication protocol |
| gptkbp:complement |
gptkb:OAuth_2.0_JAR
gptkb:OAuth_2.0_PKCE |
| gptkbp:definedIn |
gptkb:RFC_9126
|
| gptkbp:enables |
confidential transmission of authorization parameters
|
| gptkbp:extendsTo |
gptkb:OAuth_2.0_Authorization_Framework
|
| https://www.w3.org/2000/01/rdf-schema#label |
OAuth 2.0 Pushed Authorization Requests
|
| gptkbp:improves |
security for confidential clients
security for public clients |
| gptkbp:mechanismOfAction |
authorization server returns a request URI
clients send authorization parameters directly to authorization server |
| gptkbp:parameter |
gptkb:state_order
request scope client_id redirect_uri request_uri response_type |
| gptkbp:publicationDate |
2021-10
|
| gptkbp:publishedBy |
gptkb:IETF
|
| gptkbp:purpose |
prevent authorization request tampering
improve security of OAuth 2.0 authorization requests |
| gptkbp:reduces |
risk of leaking sensitive data in browser URLs
|
| gptkbp:relatedTo |
gptkb:OAuth_2.0_Authorization_Code_Flow
gptkb:OAuth_2.0_JWT_Secured_Authorization_Request_(JAR) |
| gptkbp:requestEndpoint |
/par
|
| gptkbp:requires |
client support
authorization server support |
| gptkbp:responseParameter |
expires_in
request_uri |
| gptkbp:status |
Proposed Standard
|
| gptkbp:usedIn |
gptkb:financial-grade_API_(FAPI)
Open Banking |
| gptkbp:bfsParent |
gptkb:RFC_9007
|
| gptkbp:bfsLayer |
7
|