OAuth 2.0 RFC Reference

OAuth 2.0 RFC Reference

Core RFCs

OAuth 2 Authorization Framework (6749)

OAuth 2 Bearer Token Usage (6750)

Threat Model and Security Considerations (6819)

Proof Key for Code Exchange (PKCE - 7636)

Device Authorization Grant (Device Code Flow - 8628)

Authorization Request Extensions

JWT-Secured Authorization Request (JAR - 9101)

Pushed Authorization Requests (PAR - 9126)

Client Authentication

Assertion Framework for Client Authentication and Authorization Grants (7521)

SAML 2.0 Profile for Client Authentication and Authorization Grants (7522)

JWT Profile for Client Authentication and Authorization Grants (7523)

Mutual-TLS Client Authentication and Certificate-Bound Access Tokens (mTLS - 8705)

Proof of Possession

Mutual-TLS Client Authentication and Certificate-Bound Access Tokens (mTLS - 8705)

Demonstrating of Proof of Possession at the Application Layer (draft-ietf-oauth-dpop)

Proof-of-Possession Key Semantics for JWT (7800)

Token Management

Token Introspection (7662)

Token Revocation (7009)

Token Exchange (8693)

Tag @pamelarosiedee on twitter if you see problems

Linktree