OAuth 2.0 - IANA Considerations



IANA stands for Internet Assigned Numbers Authority, which provides information about the registration values related to the Remote Authentication Dial In User Service (RADIUS).

IANA includes the following considerations −

OAuth Access Token Types Registry

OAuth access token types are registered, together with the required specification, after review by experts. Only if the experts are satisfied with the registration is the specification published. The registration request is sent to the @ietf.org for review with the subject ("Request for access token type: example"). The experts either reject or accept the request within 14 days of the request.

Registration Template

The registration template contains the following specifications −

  • Type Name − It is the name of the request.

  • Token Endpoint Response Parameters − Additional access token response parameters are registered separately in the OAuth Parameters Registry.

  • HTTP Authentication Scheme − The HTTP authentication scheme that can be used to authenticate resource requests using the access token.

  • Change Controller − Give the name "IETF" for Standards Track RFCs; for others, give the name of the responsible party.

  • Specification Document − A reference to the document that specifies the parameter, which can be used to retrieve a copy of the document.

OAuth Parameters Registry

The OAuth Parameters Registry holds registrations of authorization endpoint request and response parameters and token endpoint request and response parameters, each reviewed by experts and accompanied by the required specification. The registration request is sent to the experts, and if they are satisfied with the registration, the specification is published.

Registration Template

The registration template contains specifications such as Type Name, Change Controller and Specification Document as defined in the above OAuth Access Token Types Registry section, along with the following additional specification −

Parameter Usage Location − It specifies the location of the parameter such as authorization request or response, token request or response.

Initial Registry Contents

The following table shows the initial contents of the OAuth Parameters Registry −

| Sr.No. | Parameter Name | Usage Location | Change Controller | Specification Document |
|---|---|---|---|---|
| 1 | client_id | authorization request, token request | IETF | RFC 6749 |
| 2 | client_secret | token request | IETF | RFC 6749 |
| 3 | response_type | authorization request | IETF | RFC 6749 |
| 4 | redirect_uri | authorization request, authorization | IETF | RFC 6749 |
| 5 | scope | authorization request or response, token request or response | IETF | RFC 6749 |
| 6 | state | authorization request or response | IETF | RFC 6749 |
| 7 | code | token request, authorization response | IETF | RFC 6749 |
| 8 | error_description | authorization response, token response | IETF | RFC 6749 |
| 9 | error_uri | authorization response, token response | IETF | RFC 6749 |
| 10 | grant_type | token request | IETF | RFC 6749 |
| 11 | access_token | authorization response, token response | IETF | RFC 6749 |
| 12 | token_type | authorization response, token response | IETF | RFC 6749 |
| 13 | expires_in | authorization response, token response | IETF | RFC 6749 |
| 14 | username | token request | IETF | RFC 6749 |
| 15 | password | token request | IETF | RFC 6749 |
| 16 | refresh_token | token request, token response | IETF | RFC 6749 |
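
The usage locations listed above can be enforced in code. The following Python example is added here and is not part of the original page or of RFC 6749; it flags parameters that appear outside their registered location, such as client_secret in an authorization request URL, where it would end up in browser history and server logs. The function names and sample messages are constructed for illustration, and the redirect_uri entry uses the locations given in RFC 6749 (authorization request, token request).

```python
from urllib.parse import urlsplit, parse_qsl

AUTHZ_REQ, AUTHZ_RESP = "authorization request", "authorization response"
TOKEN_REQ, TOKEN_RESP = "token request", "token response"

# Usage locations of the 16 parameters in the initial registry contents.
REGISTRY = {
    "client_id": {AUTHZ_REQ, TOKEN_REQ},
    "client_secret": {TOKEN_REQ},
    "response_type": {AUTHZ_REQ},
    "redirect_uri": {AUTHZ_REQ, TOKEN_REQ},  # locations per RFC 6749
    "scope": {AUTHZ_REQ, AUTHZ_RESP, TOKEN_REQ, TOKEN_RESP},
    "state": {AUTHZ_REQ, AUTHZ_RESP},
    "code": {AUTHZ_RESP, TOKEN_REQ},
    "error_description": {AUTHZ_RESP, TOKEN_RESP},
    "error_uri": {AUTHZ_RESP, TOKEN_RESP},
    "grant_type": {TOKEN_REQ},
    "access_token": {AUTHZ_RESP, TOKEN_RESP},
    "token_type": {AUTHZ_RESP, TOKEN_RESP},
    "expires_in": {AUTHZ_RESP, TOKEN_RESP},
    "username": {TOKEN_REQ},
    "password": {TOKEN_REQ},
    "refresh_token": {TOKEN_REQ, TOKEN_RESP},
}

def audit(location, params):
    """Return (misplaced, not_listed) parameter names for one message."""
    misplaced, not_listed = [], []
    for name in params:
        allowed = REGISTRY.get(name)
        if allowed is None:
            not_listed.append(name)   # may be a later-registered extension
        elif location not in allowed:
            misplaced.append(name)    # registered, but not for this location
    return sorted(misplaced), sorted(not_listed)

def audit_authorization_url(url):
    """Audit the query string of an authorization request URL."""
    return audit(AUTHZ_REQ, dict(parse_qsl(urlsplit(url).query, keep_blank_values=True)))

def audit_token_request(body):
    """Audit a form-encoded token request body."""
    return audit(TOKEN_REQ, dict(parse_qsl(body, keep_blank_values=True)))

# Constructed sample messages (hypothetical hosts and values).
SAMPLE_AUTHZ_URL = ("https://as.example/authorize?response_type=code&client_id=app1"
                    "&client_secret=s3cr3t&state=xyz&nonce=n1")
SAMPLE_TOKEN_BODY = ("grant_type=authorization_code&code=abc&client_id=app1"
                     "&client_secret=s3cr3t&redirect_uri=https%3A%2F%2Fapp.example%2Fcb")

if __name__ == "__main__":
    print(audit_authorization_url(SAMPLE_AUTHZ_URL))
    print(audit_token_request(SAMPLE_TOKEN_BODY))
```

A name reported as not listed is only absent from the initial contents shown on this page; it may still be registered by a later specification.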

OAuth Authorization Endpoint Response Type Registry

This defines the OAuth Authorization Endpoint Response Type Registry. Response types are registered, together with the required specification, after review by experts, and only if the experts are satisfied with the registration is the specification published. The registration request is sent to the @ietf.org for review. The experts either reject or accept the request within 14 days of the request.

Registration Template

The registration template contains specifications such as Type Name, Change Controller and Specification Document as defined in the above OAuth Access Token Types Registry section.

Initial Registry Contents

The following table shows the authorization endpoint response type registry containing the initial contents.

| Sr.No. | Parameter Name | Change Controller | Specification Document |
|---|---|---|---|
| 1 | code | IETF | RFC 6749 |
| 2 | token | IETF | RFC 6749 |

OAuth Extensions Error Registry

This defines the OAuth Extensions Error Registry. Error codes used with protocol extensions such as grant types, token types, etc. are registered, together with the required specification, after review by experts. If the experts are satisfied with the registration, the specification is published. The registration request is sent to the @ietf.org for review with the subject ("Request for error code: example"). The experts either reject or accept the request within 14 days of the request.

Registration Template

The registration template contains specifications such as Change Controller and Specification Document as defined in the above OAuth Access Token Types Registry section, along with the following additional specifications −

  • Error Name − It is the name of the request.

  • Error Usage Location − It specifies where the error can be used, such as the authorization code grant error response, implicit grant response or token error response, etc.

  • Related Protocol Extension − The protocol extension that the error code is used with, such as an extension grant type, access token type, extension parameter, etc.
