Overview#

Resource Parameter is an OPTIONAL parameter used in the Access Token Request defined by Resource Indicators for OAuth 2.0 and the value of the "resource" parameter indicates a Resource Servers where the requested access token will be used.

Resource Parameter value MUST be an absolute URI, as specified by Section 4.3 of RFC 3986, and MUST NOT include a query or fragment component.

If the Authorization Server fails to parse the provided value or does not consider the Resource Server acceptable, the Authorization Server MUST reject the request and provide an OAuth Error response with the error code "invalid_resource".

Multiple "resource" parameters may be used to indicate that the issued token is intended to be used at multiple Resource Servers.

The Resource Parameter will be sent to the authorization_endpoint or the token_endpoint depending on the Grant Type used.

authorization_endpoint#

When an Access Token will be returned from the authorization_endpoint, and the Resource Parameter is used in the Authorization Request to the Authorization_endpoint as defined in Section 4.2.1 of OAuth 2.0 RFC 6749.

token_endpoint#

When the access token is returned from the token_endpoint, the request parameter is included in the Access Token Request to the token_endpoint. Sections 4.1.1, 4.3.1, 4.4.2, 4.5 and 6 of OAuth 2.0 RFC 6749 define requests to the token endpoint with different grant types and others may be defined elsewhere.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-3) was last changed on 02-Apr-2016 12:01 by jim