1 / 3

OAuth Assertions Status

The OAuth Assertions and SAML Profile outlines the stable specifications that have undergone no normative changes since April 2012. It highlights the importance of usage statements for IESG and mentions that OpenID Connect utilizes the JWT Profile based on the Assertions Framework, with over a dozen implementations demonstrating significant interoperability testing. The SAML Profile's usage statements are essential for JWT Bearer Token Profiles, which are designed to be fully parallel to the SAML Profile, differing only in token formats. The document is prepared to move to WGLC pending the JOSE specs.

rashad-stokes
Download Presentation

OAuth Assertions Status

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. OAuthAssertions Status Mike Jones November 8, 2012

  2. OAuth Assertions & SAML Profile • Specifications very stable • No normative changes since April 2012 • WGLC introduced no normative • Hannes needs usage statements for IESG letter • OpenID Connect uses JWT Profile, which uses Assertions Framework • Over a dozen implementations • Significant interop testing has occurred • SAML Profile usage statements needed

  3. JWT Bearer Token Profiles • Fully parallel to SAML Profile (by design) • Only differences due to token formats • Likewise, no normative changes since April 2012 • Will be ready to go to WGLC once JWT is • Gated on JOSE specs going to WGLC

More Related