OAuth 2.0 Profiles

Siriwardena, Prabath

doi:10.1007/978-1-4842-2050-4_9

Prabath Siriwardena²

Abstract

OAuth 2.0 is a framework for delegated authorization. It doesn’t address all specific enterprise API security use cases. The OAuth 2.0 profiles built on top of the core framework work to build a security ecosystem to make OAuth 2.0 ready for enterprise grade deployments. OAuth 2.0 introduced two extension points via grant types and token types. The profiles for OAuth 2.0 are built on top of this extensibility. This chapter talks about four key OAuth 2.0 profiles for token introspection, chained API invocation, dynamic client registration, and token revocation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 34.99; Price excludes VAT (USA)

Softcover Book: USD 44.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

Author information

Authors and Affiliations

San Jose, CA, USA
Prabath Siriwardena

Authors

Prabath Siriwardena
View author publications
You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Siriwardena, P. (2020). OAuth 2.0 Profiles. In: Advanced API Security. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-2050-4_9

Download citation

DOI: https://doi.org/10.1007/978-1-4842-2050-4_9
Published: 17 December 2019
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-2049-8
Online ISBN: 978-1-4842-2050-4
eBook Packages: Professional and Applied ComputingApress Access BooksProfessional and Applied Computing (R0)

Publish with us

Policies and ethics