Identity Assertion Authorization Grant

This specification provides a mechanism for an application to use an identity assertion to obtain an access token for a third-party API using Token Exchange [ RFC8693 ] and JWT Profile for OAuth 2.0 Authorization Grants [ RFC7523 ]. ¶ This note is to be removed before publishing as an RFC.¶ The latest revision of this draft can be found at https://drafts.aaronpk.com/draft-parecki-oauth-identity-assertion-authz-grant/draft-parecki-oauth-identity-assertion-authz-grant.html. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-parecki-oauth-identity-assertion-authz-grant/.¶ Discussion of this document takes place on the Web Authorization Protocol Working Group mailing list (mailto:[email protected]), which is archived at https://mailarchive.ietf.org/arch/browse/oauth/. Subscribe at https://www.ietf.org/mailman/listinfo/oauth/.¶ Source for this draft and an issue tracker can be found at https://github.com/aaronpk/draft-parecki-oauth-identity-assertion-authz-grant.¶