Skip to main content
Book Chapter

OAuth 2.0 Token Binding

  • Siriwardena P
Apress, (2020), 243-255
DOI: 10.1007/978-1-4842-2050-4_11
N/ACitations
Citations of this article
2Readers
Mendeley users who have this article in their library.
Get full text

Abstract

This specification enables OAuth 2.0 implementations to apply Token Binding to Access Tokens, Authorization Codes, Refresh Tokens, JWT Authorization Grants, and JWT Client Authentication. This cryptographically binds these tokens to a client’s Token Binding key pair, possession of which is proven on the TLS connections over which the tokens are intended to be used. This use of Token Binding protects these tokens from man-in-the-middle and token export and replay attacks.

Cite

CITATION STYLE

APA

Siriwardena, P. (2020). OAuth 2.0 Token Binding. In Advanced API Security (pp. 243–255). Apress. https://doi.org/10.1007/978-1-4842-2050-4_11

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free