RFC 8705 - OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokensfleeting
- Référence externe : https://datatracker.ietf.org/doc/rfc8705/
client authentication and certificate- bound access and refresh tokens using mutual Transport Layer Security (TLS) authentication with X.509 certificates.
Mutual-TLS OAuth client authentication and certificate-bound access tokens can be used independently of each other
possible in support of binding access tokens to a TLS client certificate for public clients (those without authentication credentials associated with the “client_id”).