RFC 9728 · PROPOSED STANDARD · 2025
SUN · 14 JUN 2026
OAuth 2.0 Protected Resource Metadata
Overview
RFC 9728, “OAuth 2.0 Protected Resource Metadata”, is a Proposed Standard document published in April 2025 by M.B. Jones, P. Hunt, A. Parecki. The canonical text is published by the RFC Editor.
Abstract
This specification defines a metadata format that an OAuth 2.0 client or authorization server can use to obtain the information needed to interact with an OAuth 2.0 protected resource.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
Read this RFC
The canonical text of RFC 9728 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
Other RFCs from 2025
- RFC 9729 The Concealed HTTP Authentication Scheme
- RFC 9727 api-catalog: A Well-Known URI and Link Relation to Help Discovery of APIs
- RFC 9730 Interworking of GMPLS Control and Centralized Controller Systems
- RFC 9726 Operational Considerations for Use of DNS in Internet of Things Devices
- RFC 9731 A YANG Data Model for Virtual Network Operations
- RFC 9725 WebRTC-HTTP Ingestion Protocol
- RFC 9732 A Framework for NRP-Based Enhanced Virtual Private Networks
- RFC 9724 State of Affairs for Randomized and Changing Media Access Control Addresses