GPTKB
Browse
Query
Compare
Download
Publications
Contributors
Search
OAuth 2.0 Pushed Authorization Requests
URI:
https://gptkb.org/entity/OAuth_2.0_Pushed_Authorization_Requests
GPTKB entity
Statements (45)
Predicate
Object
gptkbp:instanceOf
gptkb:OAuth_2.0_extension
gptkbp:abbreviation
gptkb:PAR
gptkbp:author
gptkb:Daniel_Fett
gptkb:Brian_Campbell
gptkb:Vittorio_Bertocci
gptkbp:benefit
prevents leaking of sensitive data in browser history
enables sender-constrained tokens
prevents parameter manipulation by end-user
gptkbp:category
gptkb:International_Standard
gptkb:Authentication_protocol
Web security
gptkbp:complement
gptkb:OAuth_2.0_JAR
gptkb:OAuth_2.0_PKCE
gptkbp:definedIn
gptkb:RFC_9126
gptkbp:enables
confidential transmission of authorization parameters
gptkbp:extendsTo
gptkb:OAuth_2.0_Authorization_Framework
gptkbp:improves
security for confidential clients
security for public clients
gptkbp:mechanismOfAction
authorization server returns a request URI
clients send authorization parameters directly to authorization server
gptkbp:parameter
gptkb:state_order
request
scope
client_id
redirect_uri
request_uri
response_type
gptkbp:publicationDate
2021-10
gptkbp:publishedBy
gptkb:IETF
gptkbp:purpose
prevent authorization request tampering
improve security of OAuth 2.0 authorization requests
gptkbp:reduces
risk of leaking sensitive data in browser URLs
gptkbp:relatedTo
gptkb:OAuth_2.0_Authorization_Code_Flow
gptkb:OAuth_2.0_JWT_Secured_Authorization_Request_(JAR)
gptkbp:requestEndpoint
/par
gptkbp:requires
client support
authorization server support
gptkbp:responseParameter
expires_in
request_uri
gptkbp:status
Proposed Standard
gptkbp:usedIn
gptkb:financial-grade_API_(FAPI)
Open Banking
gptkbp:bfsParent
gptkb:RFC_9007
gptkbp:bfsLayer
7
https://www.w3.org/2000/01/rdf-schema#label
OAuth 2.0 Pushed Authorization Requests