OAuth 2.0 - IANA Considerations
IANA stands for Internet Assigned Numbers Authority, which provides the information about the registration values related to the Remote Authentication Dial In User Service (RADIUS).
IANA includes the following considerations −
OAuth Access Token Types Registry
OAuth access tokens are registered by experts with the required specification. Only if they are satisfied with the registration will they publish the specification. The registration request will be sent to the @ietf.org for reviewing with the subject ("Request for access token type: example"). Experts will either reject or accept the request within 14 days of the request.
Registration Template
The registration template contains the following specifications −
Type Name − It is the name of the request.
Token Endpoint Response Parameters − The additional access token response parameter will be registered separately in OAuth parameters registry.
HTTP Authentication Scheme − The HTTP authentication scheme can be used to authenticate the resources by using the access token.
Change Controller − Give the state name as "IETF" for standard track RFCs, and for others, use the name of the responsible party.
Specification Document − The specification document contains the parameter that can be used to retrieve a copy of the document.
OAuth Parameters Registry
The OAuth parameters registry contains registrations of authorization endpoint request or response and token endpoint request or response parameters, made by the experts with the required specification. The registration request will be sent to the experts and, if they are satisfied with the registration, they will publish the specification.
Registration Template
The registration template contains specifications such as Type Name, Change Controller and Specification Document as defined in the above OAuth Access Token Types Registry section, except the following specification −
Parameter Usage Location − It specifies the location of the parameter such as authorization request or response, token request or response.
Initial Registry Contents
The following table shows OAuth parameters registry containing the initial contents −
Sr.No. | Parameter Name & Usage Location | Change Controller | Specification Document |
---|---|---|---|
1 | client_id − authorization request, token request | IETF | |
2 | client_secret − token request | IETF | |
3 | response_type − authorization request | IETF | |
4 | redirect_uri − authorization request, authorization | IETF | |
5 | scope − authorization request or response, token request or response | IETF | |
6 | state − authorization request or response | IETF | |
7 | code − token request, authorization response | IETF | |
8 | error_description − authorization response, token response | IETF | |
9 | error_uri − authorization response, token response | IETF | |
10 | grant_type − token request | IETF | |
11 | access_token − authorization response, token response | IETF | |
12 | token_type − authorization response, token response | IETF | |
13 | expires_in − authorization response, token response | IETF | |
14 | username − token request | IETF | |
15 | password − token request | IETF | |
16 | refresh_token − token request, token response | IETF | |
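The usage locations in the table above can be turned into a check on incoming authorization requests. This is an added example, not part of the original tutorial: it flags parameters that the table registers only for the token request (such as client_secret) or only for responses when they show up in a browser-visible authorization URL. The host names and sample URL are constructed, and the duplicate check follows RFC 6749 section 3.1, which this page does not cover.

```python
from urllib.parse import urlsplit, parse_qsl

# Usage locations copied from the registry table above. redirect_uri's second
# location is cut off on the page, so only "authorization request" is used.
AUTHZ_REQUEST = {"client_id", "response_type", "redirect_uri", "scope", "state"}
TOKEN_REQUEST = {"client_id", "client_secret", "scope", "code", "grant_type",
                 "username", "password", "refresh_token"}
RESPONSE_ONLY = {"error_description", "error_uri", "access_token",
                 "token_type", "expires_in"}


def audit_authorization_request(url):
    """Return sorted (parameter, finding) pairs for one authorization request URL.

    Parameter values are never returned, so findings are safe to log.
    """
    findings = []
    seen = set()
    for name, _value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if name in seen:
            # RFC 6749 section 3.1: parameters must not be included more than once.
            findings.append((name, "duplicate"))
            continue
        seen.add(name)
        if name in AUTHZ_REQUEST:
            continue
        if name in TOKEN_REQUEST:
            # e.g. a client secret or password exposed in the front channel
            findings.append((name, "token-request-only"))
        elif name in RESPONSE_ONLY:
            findings.append((name, "response-only"))
        else:
            # May be a later extension; absent from the initial contents only.
            findings.append((name, "not-in-initial-registry"))
    return sorted(findings)


# Constructed sample: a misconfigured client puts its secret in the URL,
# repeats "state", and sends a parameter outside the initial registry.
SAMPLE_URL = ("https://as.example/authorize?response_type=code&client_id=app1"
              "&client_secret=s3cr3t&state=xyz&state=abc&nonce=n1"
              "&redirect_uri=https%3A%2F%2Fapp.example%2Fcb")

if __name__ == "__main__":
    for param, finding in audit_authorization_request(SAMPLE_URL):
        print(f"{param}: {finding}")
```
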
OAuth Authorization Endpoint Response Type Registry
This can be used to define OAuth Authorization Endpoint Response Type Registry. The response types are registered by experts with the required specification, and only if they are satisfied with the registration will they publish the specification. The registration request will be sent to the @ietf.org for reviewing. The experts will either reject or accept the request within 14 days of the request.
Registration Template
The registration template contains specifications such as Type Name, Change Controller and Specification Document as defined in the above OAuth Access Token Types Registry section.
Initial Registry Contents
The following table shows the authorization endpoint response type registry containing the initial contents.
Sr.No. | Parameter Name | Change Controller | Specification Document |
---|---|---|---|
1 | code | IETF | |
2 | token | IETF | |
OAuth Extensions Error Registry
This can be used to define OAuth Extensions Error Registry. The error codes along with protocol extensions such as grant types, token types, etc. are registered by experts with the required specification. If they are satisfied with the registration, then they will publish the specification. The registration request will be sent to the @ietf.org for reviewing with the subject ("Request for error code: example"). Experts will either reject or accept the request within 14 days of the request.
Registration Template
The registration template contains specifications such as Change Controller and Specification Document as defined in the above OAuth Access Token Types Registry section, except the following specifications −
Error Name − It is the name of the request.
Error Usage Location − It specifies the location of the error, such as authorization code grant error response, implicit grant response or token error response, etc., which specifies where the error can be used.
Related Protocol Extension − You can use protocol extensions such as extension grant type, access token type, extension parameter, etc.