Skip to content

Issues: oauth-wg/oauth-v2-1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

46 Open 91 Closed
46 Open 91 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

7.X Stateless tokens and key rotation
#189 opened Sep 26, 2024 by sakimura
7.12 Phishing Attacks: Clarification and additional advice to the reader
#188 opened Sep 26, 2024 by sakimura
Expand on reasons for not including expires_in in the token response
#187 opened Sep 14, 2024 by pilcrowonpaper
@aaronpk
1
Section 4.1.2.1 Error Response is unclear on how to handle an Invalid Authorization Endpoint request
#184 opened Jul 26, 2024 by dfcoffin
Clarify aud values that should be accepted in private_key_jwt at the token (and other) endpoints
#183 opened Jul 8, 2024 by jogu
2
Reasons for recommending loopback redirects over private-use URI scheme
#179 opened May 19, 2024 by archer-321
2
Strict JavaScript Exclusiveness?
#174 opened Apr 14, 2024 by MozharAlhosni
Handling of colliding URI query parameter names
#171 opened Feb 28, 2024 by SECtim
1
Ambigious text around whether code_challenge is required
#170 opened Feb 28, 2024 by SECtim
2
Terminology: "relying party" vs. "client" editorial This issue does not affect existing implementations
#169 opened Feb 28, 2024 by SECtim
3
"Suprising" printing service example in introduction
#168 opened Feb 28, 2024 by SECtim
Character encoding for the application/x-www-form-urlencoded format editorial This issue does not affect existing implementations
#167 opened Jan 22, 2024 by adeinega
1
the invalid_client error and HTTP authentication schemas interim Items to discuss in the next WG interim meeting
#162 opened Aug 4, 2023 by adeinega
1
Problems with authorization servers that don't support public clients
#161 opened Jul 27, 2023 by hickford
2
Strengthen "Authorization server SHOULD NOT process repeated authorization requests automatically" for public clients
#160 opened Jul 27, 2023 by hickford
1
Ask for review from HTTP WG
#156 opened Jul 21, 2023 by aaronpk
@dickhardt
clarify last paragraph of 8.4.1
#152 opened Jul 14, 2023 by dickhardt version -11
@dickhardt
point implementers to OIDC in intro
#151 opened Jul 14, 2023 by dickhardt version -11
@dickhardt
Prohibition of using OAuth for user authentication
#146 opened May 9, 2023 by ritou
Native apps differences between mobile and desktop apps draft-00-feedback Feedback from reviews of draft -00
#142 opened Mar 13, 2023 by aaronpk
1
Claimed https scheme as app identity proof draft-00-feedback Feedback from reviews of draft -00 interim Items to discuss in the next WG interim meeting
#141 opened Mar 13, 2023 by aaronpk
1
Repeated authorization requests draft-00-feedback Feedback from reviews of draft -00 ietf-116
#140 opened Mar 13, 2023 by aaronpk
2
Define "explicit RO authentication" draft-00-feedback Feedback from reviews of draft -00 ietf-116
#139 opened Mar 13, 2023 by aaronpk
Clean up references to URL vs URI vs application/x-www-form-urlencoded
#126 opened Jul 21, 2022 by aaronpk version -11
1
Add more security sensitive examples to intro to illustrate suitability
#122 opened Jul 4, 2022 by tlodderstedt
ProTip! Follow long discussions with comments:>50.