-
Notifications
You must be signed in to change notification settings - Fork 335
/
index.php
47 lines (40 loc) · 2.18 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
<?php
$page_title = "JWT Access Tokens for OAuth 2.0";
$page_section = "";
$page_secondary = "";
$page_meta_description = "JWT Profile for OAuth 2.0 Access Tokens";
require('../../../includes/_header.php');
?>
<div class="container">
<nav aria-label="breadcrumb">
<ol class="breadcrumb">
<li class="breadcrumb-item"><a href="/2/">OAuth 2.0</a></li>
<li class="breadcrumb-item active">JWT Access Tokens</li>
</ol>
</nav>
<div>
<h2>RFC 9068: JWT Profile for OAuth 2.0 Access Tokens</h2>
<p><a href="https://datatracker.ietf.org/doc/html/rfc9068" class="rfc">datatracker.ietf.org/doc/html/rfc9068</a></p>
<p>The JWT Access Token profile describes a way to encode access tokens as a JSON Web Token, including a set of standard claims that are useful in an access token.</p>
<p>JWTs can be used as OAuth 2.0 <a href="/2/bearer-tokens/">Bearer Tokens</a> to encode all relevant parts of an access token into the access token itself instead of having to store them in a database.</p>
<p>
Related Specs:
<ul>
<li><a href="/2/bearer-tokens/">OAuth 2.0 Bearer Token Usage (RFC 6750)</a></li>
<li><a href="/2/token-introspection/">Token Introspection (RFC 7662)</a></li>
<li><a href="/2/token-revocation/">Token Revocation (RFC 7009)</a></li>
<li><a href="/2/jwt/">JSON Web Token (RFC 7519)</a></li>
</ul>
</p>
<p>More resources
<ul>
<li><a href="https://www.oauth.com/oauth2-servers/access-tokens/self-encoded-access-tokens/">Self-Encoded Access Tokens</a> (oauth.com)</li>
<li><a href="https://www.jsonwebtoken.io/">jsonwebtoken.io</a></li>
<li><a href="https://auth0.com/docs/jwt">JSON Web Tokens (JWT) in Auth0</a> (auth0.com)</li>
<li><a href="https://developer.okta.com/blog/2019/02/04/create-and-verify-jwts-in-php">Create and Verify JWTs in PHP</a> (developer.okta.com)</li>
<li><a href="https://auth0.com/blog/how-the-jwt-profile-for-oauth-20-access-tokens-became-rfc9068/">From Idea to Standard: How the JWT Profile for OAuth 2.0 Access Tokens Became RFC9068</a> by Vittorio Bertocci</li>
</ul>
</p>
</div>
</div>
<?php require('../../../includes/_footer.php'); ?>