OA4MP Directly Supported Specifications

Here is a list of the supported specifications that OA4MP implements directly. Note that not every feature is implemented! There are flows we do not support and optional features are treated generally as optional, meaning we may implement them, but there are no promises. However, core feature are implemented.

By the numbers

Name Description
OIDC OIDC
OIDC Discovery OIDC Discovery
SciTokens SciTokens
WLCG Tokens WLCG Tokens
rfc6749 OAuth 2
rfc6750 Bearer token usage
rfc7009 Token revocation
rfc7515 JWS (Java Web Signing) specification
rfc7517 JWKS (JSON WebKey) specification
rfc7519 JWT (JSON Web Token) specification
rfc7523 JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants
rfc7591 Dynamic client registration protocol
rfc7592 Dynamic client management protocol
rfc7636 Proof key for code exchange
rfc7662 Token introspection
rfc8259 JSON specification (most current, so UTF-8 encodings only, etc.)
rfc8414 Discovery endpoint requirements
rfc8628 Device flow
rfc8693 Token exchange
rfc8725 JWT best practices
rfc9068 JWTs for web access tokens

By description

Name Description
rfc6750 Bearer token usage
rfc8628 Device flow
rfc8414 Discovery endpoint requirements
rfc7592 Dynamic client management protocol
rfc7591 Dynamic client registration protocol
rfc8259 JSON specification (most current, so UTF-8 encodings only, etc.)
rfc7517 JWKS (JSON Web Key) specification
rfc7515 JWS (Java Web Signing) specification
rfc8725 JWT best practices
rfc7523 JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants
rfc7519 JWT (JSON Web Token) specification
rfc9068 JWTs for web access tokens
rfc6749 OAuth 2
OIDC OIDC
OIDC Discovery OIDC Discovery
rfc7636 Proof key for code exchange
SciTokens SciTokens
rfc8693 Token exchange
rfc7662 Token introspection
rfc7009 Token revocation
WLCG Tokens WLCG Tokens