[Openid-specs-fapi] OAuth 2.0 Token Exchange profiles feedback request

Dr. Kelley W Burgin kburgin at mitre.org
Wed Aug 4 17:40:10 UTC 2021


MITRE, in support of the U.S. Government, has developed tailored OAuth 2.0 Token Exchange profiles for use in an enterprise environment. These documents build on the OAuth 2.0 profile<https://www.mitre.org/publications/technical-papers/enterprise-mission-tailored-oauth-20-and-openid-connect-profiles> MITRE released whose requirements have been incorporated into OAuth 2.1. The documents enable “identity chaining” by ensuring that the identities of the user, client, and protected resources are propagated in the issued access tokens to make appropriate access decisions.

Token and Identity Chaining between Protected Resources in a Single ICAM Ecosystem using OAuth Token Exchange<https://www.mitre.org/publications/technical-papers/token-and-identity-chaining-between-protected-resources-in-a-single-icam-ecosystem-using-oauth-token-exchange>
Token and Identity Chaining between Protected Resources in a Multiple ICAM Ecosystem using OAuth Token Exchange<https://www.mitre.org/publications/technical-papers/token-and-identity-chaining-between-protected-resources-in-a-multiple-icam-ecosystem-using-oauth-token-exchange>

Please note, we will be working with the standards bodies to move these concepts forward. These current profiles and this email should be considered as informational as we seek additional feedback from Subject Matter Experts throughout the Community. We welcome your comments and suggestions at OAuthOIDCProfiles at groups.mitre.org.

Kelley Burgin, Ph.D.
Cybersecurity Engineer
The MITRE Corporation
(571) 424 - 8642