Title
OAuth 2.0 Proof of Possession Profile
Description
DPoP, an abbreviation for Demonstrating Proof-of-Possession at the Application Layer, is an application-level mechanism for sender-constraining OAuth access and refresh tokens. It enables a client to demonstrate proof-of-possession of a public/private key pair by including a "DPoP" header in an HTTP request. The OAuth 2.0 Proof of Possession Profile is based on the internet draft ID OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer1.

Reference document

Org
FMN
Pubnum
Date
2021-10-20
Version
Title
Proposed FMN Spiral 5 Specification

Taxonomy

Standards

Obligation: None, Lifecycle: Candidate

Standard group not available.

Status

URI

History

Flag Date RFC Version
added 2022-05-06 14-032 15.0
UUID
0214c045-ef51-4220-a105-de3209097b55

Utilization

This profile is used by the following profiles: