Abstract
OAuth 2.0 is a framework for delegated authorization. On its own, it doesn’t address every enterprise API security use case. The OAuth 2.0 profiles built on top of the core framework form a security ecosystem that makes OAuth 2.0 ready for enterprise-grade deployments. OAuth 2.0 introduced two extension points, grant types and token types, and the profiles for OAuth 2.0 are built on this extensibility. This chapter talks about four key OAuth 2.0 profiles: token introspection, chained API invocation, dynamic client registration, and token revocation.
Copyright information
© 2020 Prabath Siriwardena
About this chapter
Cite this chapter
Siriwardena, P. (2020). OAuth 2.0 Profiles. In: Advanced API Security. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-2050-4_9
DOI: https://doi.org/10.1007/978-1-4842-2050-4_9
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-2049-8
Online ISBN: 978-1-4842-2050-4
eBook Packages: Professional and Applied Computing, Apress Access Books, Professional and Applied Computing (R0)