jspωiki
OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer

Overview#

OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer, an Internet Draft, defines an application-level sender-constraint mechanism for OAuth 2.0 access tokens and refresh tokens that can be applied when neither mTLS nor OAuth 2.0 Token Binding are utilized.

OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer achieves Proof-of-Possession using a Public Key-Private Key pair.

More Information#

There might be more information for this subject on one of the following: