RFC 9068 · PROPOSED STANDARD · 2021
SUN · 14 JUN 2026
JSON Web Token Profile for OAuth 2.0 Access Tokens
Overview
RFC 9068, “JSON Web Token Profile for OAuth 2.0 Access Tokens”, is a Proposed Standard document published in October 2021 by V. Bertocci. The canonical text is published by the RFC Editor.
Abstract
This specification defines a profile for issuing OAuth 2.0 access tokens in JSON Web Token (JWT) format. Authorization servers and resource servers from different vendors can leverage this profile to issue and consume access tokens in an interoperable manner.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
Read this RFC
The canonical text of RFC 9068 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
Other RFCs from 2021
- RFC 9067 A YANG Data Model for Routing Policy
- RFC 9066 Distributed Denial-of-Service Open Threat Signaling Signal Channel Call Home
- RFC 9065 Considerations around Transport Header Confidentiality, Network Operations, and the Evolution of Internet Transport Protocols
- RFC 9071 RTP-Mixer Formatting of Multiparty Real-Time Text
- RFC 9064 Considerations in the Development of a QoS Architecture for CCNx- Like Information-Centric Networking Protocols
- RFC 9072 Extended Optional Parameters Length for BGP OPEN Message
- RFC 9063 Host Identity Protocol Architecture
- RFC 9073 Event Publishing Extensions to iCalendar