RFC 9396 · PROPOSED STANDARD · 2023
SUN · 14 JUN 2026
OAuth 2.0 Rich Authorization Requests
Overview
RFC 9396, “OAuth 2.0 Rich Authorization Requests”, is a Proposed Standard document published in May 2023 by T. Lodderstedt, J. Richer, B. Campbell. The canonical text is published by the RFC Editor.
Abstract
This document specifies a new parameter authorization_details that is used to carry fine-grained authorization data in OAuth messages.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
Read this RFC
The canonical text of RFC 9396 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
Other RFCs from 2023
- RFC 9395 Deprecation of the Internet Key Exchange Version 1 Protocol and Obsoleted Algorithms
- RFC 9397 Trusted Execution Environment Provisioning Architecture
- RFC 9394 IMAP PARTIAL Extension for Paged SEARCH and FETCH
- RFC 9398 A YANG Data Model for Internet Group Management Protocol and Multicast Listener Discovery Proxy Devices
- RFC 9393 Concise Software Identification Tags
- RFC 9399 Internet X.509 Public Key Infrastructure: Logotypes in X.509 Certificates
- RFC 9392 Sending RTP Control Protocol Feedback for Congestion Control in Interactive Multimedia Conferences
- RFC 9400 Guidelines for the Organization of Fully Online Meetings