OAuth 2.0 & OIDC

• Concepts
  • OAuth 2.0 Roles
  • OAuth 2.0 Flow
  • Grant Types
  • Client Authentication Methods
  • Token Scopes
  • Endpoints
• Client
  • HTTP Clients
  • Web Clients
• Authorization Server
  • Understand
  • How-to
  • Reference
• Resource Server
  • Understand
  • How-to
  • Reference
• Specifications
  • RFC6749: The OAuth 2.0 Authorization Framework
  • RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage
  • RFC7009: OAuth 2.0 Token Revocation
  • RFC7523: JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants
  • RFC7591: OAuth 2.0 Dynamic Client Registration Protocol
  • RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol
  • RFC7636: Proof Key for Code Exchange by OAuth Public Clients
  • RFC7662: OAuth 2.0 Token Introspection
  • RFC8414: OAuth 2.0 Authorization Server Metadata
  • RFC8628: OAuth 2.0 Device Authorization Grant
  • RFC9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens
  • RFC9101: The OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request (JAR)
  • RFC9207: OAuth 2.0 Authorization Server Issuer Identification
  • OpenID Connect 1.0
  • OpenID Connect RP-Initiated Logout 1.0