OAuth 2.0 OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, …

Getting Started Below are some guides to OAuth 2.0 which cover many of the topics needed to understand and implement clients and servers. OAuth 2.0 Simplified OAuth 2.0 Simplified, …

OAuth 2.1 datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1 OAuth 2.1 is an in-progress effort to consolidate and simplify the most commonly used features of OAuth ...

Nov 7, 2025 · OAuth Working Group Specifications Current active drafts in the OAuth working group Active Drafts

An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications. Learn more about OAuth 2.0 »

RFC 9700: OAuth 2.0 Security Best Current Practice datatracker.ietf.org/doc/html/rfc9700 OAuth 2.0 Security Best Current Practice describes security requirements and ...

User Authentication with OAuth 2.0 The OAuth 2.0 specification defines a delegation protocol that is useful for conveying authorization decisions across a network of web-enabled applications …

OAuth Grant Types The OAuth framework specifies several grant types for different use cases, as well as a framework for creating new grant types. The most common OAuth grant types are …

OAuth Scopes tools.ietf.org/html/rfc6749#section-3.3 Scope is a mechanism in OAuth 2.0 to limit an application's access to a user's account. An application can ...

RFC 8693: Token Exchange datatracker.ietf.org/doc/html/rfc8693 The Token Exchange extension defines a mechanism for a client to obtain its own tokens given a separate ...