OAuth is Not User Authorization
Avoid a common OAuth pitfall by learning how OAuth consent and access tokens differ from user-level authorization policies.| Scott Brady
Avoid a common OAuth pitfall by learning how OAuth consent and access tokens differ from user-level authorization policies.| Scott Brady
This specification defines a protocol for an HTTP- and JSON-based Security Token Service (STS) by defining how to request and obtain security tokens from OAuth 2.0 authorization servers, including security tokens employing impersonation and delegation.| www.rfc-editor.org
