OAuth 2.0 Pushed Authorization Requests
RFC 9126, “OAuth 2.0 Pushed Authorization Requests”, is a Proposed Standard document published in September 2021 by T. Lodderstedt, B. Campbell, N. Sakimura, D. Tonge, F. Skokan. The canonical text is published by the RFC Editor.
Abstract
This document defines the pushed authorization request (PAR) endpoint, which allows clients to push the payload of an OAuth 2.0 authorization request to the authorization server via a direct request and provides them with a request URI that is used as reference to the data in a subsequent call to the authorization endpoint.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 9126 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 9125 Gateway Auto-Discovery and Route Advertisement for Site Interconnection Using Segment Routing
- RFC 9127 YANG Data Model for Bidirectional Forwarding Detection
- RFC 9131 Gratuitous Neighbor Discovery: Creating Neighbor Cache Entries on First-Hop Routers
- RFC 9120 Nameservers for the Address and Routing Parameter Area Domain
- RFC 9132 Distributed Denial-of-Service Open Threat Signaling Signal Channel Specification
- RFC 9119 Multicast Considerations over IEEE 802 Wireless Media
- RFC 9133 Controlling Filtering Rules Using Distributed Denial-of-Service Open Threat Signaling Signal Channel
- RFC 9118 Enhanced JSON Web Token Claim Constraints for Secure Telephone Identity Revisited Certificates