Ȩ > ÀڷḶ´ç > ÀÚ·á°Ë»ö > Ç¥ÁØ
ÀÚ·á °Ë»ö°á°ú
| Ç¥ÁØÁ¾·ù | Á¤º¸Åë½Å´ÜüǥÁØ(TTAS) | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ç¥ÁعøÈ£ | TTAE.IF-RFC7523 | ±¸ Ç¥ÁعøÈ£ | |||||||||||||||
| Á¦°³Á¤ÀÏ | 2018-12-19 | ÃÑ ÆäÀÌÁö | 20 | ||||||||||||||
| ÇÑ±Û Ç¥Áظí | °ø°³ÀÎÁõ 2.0 Ŭ¶óÀ̾ðÆ® ÀÎÁõ ¹× Àΰ¡ ½ÂÀÎÀ» À§ÇÑ JSON À¥ ÅäÅ«(JWT) ÇÁ·ÎÆÄÀÏ | ||||||||||||||||
| ¿µ¹® Ç¥Áظí | JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants | ||||||||||||||||
| ÇÑ±Û ³»¿ë¿ä¾à | ÀÌ Ç¥ÁØÀº JWT º£¾î·¯ ÁÖÀåÀ» »ç¿ëÇÏ¿© °ø°³ÀÎÁõ(OAuth) 2.0 ¾×¼¼½º ÅäÅ«À» ¿äûÇÏ°í Ŭ¶óÀ̾ðÆ® Å©¸®µ§¼È·Î »ç¿ëÇÏ´Â È®Àå ½ÂÀΠŸÀÔÀ» Á¤ÀÇÇϱâ À§ÇØ °ø°³ÀÎÁõ ÁÖÀå ÇÁ·¹ÀÓ¿öÅ©[RFC751]¸¦ ±¸Ã¼ÈÇÑ´Ù.
º» Ç¥ÁØÀº »ç¿ëÀÚ°¡ Àΰ¡ ¼¹ö¿¡°Ô Á÷Á¢ÀûÀÎ ½ÂÀÎ ´Ü°è ¾øÀÌ, Ŭ¶óÀ̾ðÆ®°¡ JWT·Î ±âÁ¸ÀÇ ½Å·Ú °ü°è¸¦ È°¿ëÇÏ°íÀÚ ÇÒ ¶§ JWT¸¦ »ç¿ëÇÏ¿© ¾×¼¼½º ÅäÅ«À» ¿äûÇÏ´Â ¹æ¹ýÀ» Á¤ÀÇÇÑ´Ù. ¶ÇÇÑ JWT¸¦ Ŭ¶óÀ̾ðÆ® ÀÎÁõ ¸ÞÄ¿´ÏÁòÀ¸·Î »ç¿ëÇÏ´Â ¹æ¹ýÀ» Á¤ÀÇÇÑ´Ù. |
||||||||||||||||
| ¿µ¹® ³»¿ë¿ä¾à |
The standard profiles the OAuth Assertion Framework [RFC7521] to define an extension grant type that uses a JWT Bearer Token to request an OAuth 2.0 access token as well as for use as client credentials.
The standard defines how a JWT Bearer Token can be used to request an access token when a client wishes to utilize an existing trust relationship, expressed through the semantics of the JWT, without a direct user-approval step at the authorization server. It also defines how a JWT can be used as a client authentication mechanism. |
||||||||||||||||
| °ü·Ã IPR È®¾à¼ | Á¢¼öµÈ IPR È®¾à¼ ¾øÀ½ | ||||||||||||||||
| °ü·ÃÆÄÀÏ |
 TTAE.IF-RFC7523.pdf
|
||||||||||||||||
| Ç¥ÁØÀÌ·Â |
|
||||||||||||||||
