We plan to migrate this site to Confluence Data Center on Friday 31 March. During maintenance the site will be read only.
Active Draft Document
AARC Community-based Access Entity Category
This document provides guidelines for using the Community-based Access Entity Category to support the release of attributes to Service Providers that have a proven need to receive a set of community-managed information about their users in order to effectively provide their service to the users.
|AARC-G058||Establishing trust between OAuth 2.0 Authorization Servers||Google doc|
|AARC-G052||OAuth 2.0 Token Proxied Introspection||This specification extends the OAuth 2.0 Token Introspection (RFC7662) method to allow conveying meta-information about a token from an Authorization Server (AS) to the protected resource even when there is no direct trust relationship between the protected resource and the token issuer. The method defined in this specification, termed "proxied" token introspection, requires access tokens to be presented in JWT format containing the iss claim for identifying the issuer of the token. Proxied token introspection assumes that the AS which is trusted by the protected resource has established a trust relationship with the AS which has issued the token that needs to be validated.||Google doc|
Upcoming / Inactive Drafts