Enterprise Mission Tailored OAuth 2.0 Profile (Oct. 2019)

reportActive / Technical Report | Accesssion Number: AD1114452 | Open PDF

Abstract:

(1) This document profiles the OAuth 2.0 web authorization framework [RFC6749] for use in the context of securing webfacingapplication programming interfaces (APIs), particularly Representational State Transfer (RESTful) APIs. (2) This document profiles OpenID Connect for use in enterprise environments. This profile is derived from the International Government Assurance Profile (iGov) for OpenID Connect 1.0 [iGov-OIDC] produced by the OpenID Foundation.

Author(s):
Abrahmowitz, Beth ; Burgin, Kelley ; Farinelli, Tommy ; Mcnab, Neil ; Peck, Michael ; Russell, Mark ; Westman, Roger
Author Organization(s):
The MITRE Corporation
Funding Organization(s):
Publication Date:
2019 Oct 01
Pagination:
0

Security Markings

RECORD

Collection: TRECMS
Subject Terms
Communities of Interest:
Engineered Resilient Systems
Descriptor(s):
computer access control, operating systems, web browsers, computer programming, governments, word processors, authentication, reliability, infrastructure, language, notation, standards, web applications, markup languages, resilience, application programming interface, corporations
Keyword(s):
RESTful APIs, OpenID Connect, authorization, trust, ID tokens; OAuth 2.0 specifications
Subject Categories:
Mathematical and Computer Sciences; Mathematical and Computer Sciences
Update Date:
2020 Nov 10