- Secure REST-based Request Response Profile
- The Secure REST-based Request Response profile supports consistent and compliant use of the uniform interface offered by HTTP for accessing a federated protected resource (REST-based Web Service). The Client makes a protected access request to the Resource Server (authority part referred to within the request URI) presenting the Access Token in the Header of the HTTP request. The Access Token is self-contained which allows the Resource Server to validate the Access Token without reference to another service (or previous state). If the Access Token is successfully validated the Resource Server processes the authorised request and the result is returned to the Client.