|
10 | 10 | <?rfc inline="yes"?>
|
11 | 11 | <?rfc compact="yes"?>
|
12 | 12 | <?rfc subcompact="no"?>
|
13 |
| -<rfc category="std" docName="draft-ietf-oauth-introspection-11" |
| 13 | +<rfc category="std" docName="draft-ietf-oauth-introspection-12" |
14 | 14 | ipr="trust200902">
|
15 | 15 | <front>
|
16 | 16 | <title abbrev="oauth-introspection">OAuth 2.0 Token Introspection</title>
|
|
249 | 249 |
|
250 | 250 | <t hangText="scope"><vspace/>OPTIONAL. A JSON string containing a
|
251 | 251 | space-separated list of scopes associated with this token, in the
|
252 |
| - format described in section 3.3 of <xref target="RFC6749">OAuth |
253 |
| - 2.0</xref>.</t> |
| 252 | + format described in <xref target="RFC6749">OAuth 2.0</xref> |
| 253 | + Section 3.3.</t> |
254 | 254 |
|
255 | 255 | <t hangText="client_id"><vspace/>OPTIONAL. Client identifier for
|
256 | 256 | the OAuth 2.0 client that requested this token.</t>
|
|
259 | 259 | identifier for the resource owner who authorized this token.</t>
|
260 | 260 |
|
261 | 261 | <t hangText="token_type"><vspace/>OPTIONAL. Type of the token as
|
262 |
| - defined in section 5.1 of <xref target="RFC6749">OAuth |
263 |
| - 2.0</xref>.</t> |
| 262 | + defined in <xref target="RFC6749">OAuth 2.0</xref> Section |
| 263 | + 7.1.</t> |
264 | 264 |
|
265 | 265 | <t hangText="exp"><vspace/>OPTIONAL. Integer timestamp, measured
|
266 | 266 | in the number of seconds since January 1 1970 UTC, indicating when
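Review bot: The token_type reference changes its section number as well as its word order: the removed lines cite section 5.1 of RFC6749 and the added lines cite Section 7.1, while the other reference edits in this commit keep their numbers (3.3, 5.2, 3). In RFC 6749, Section 5.1 defines the token_type response parameter and Section 7.1 describes access token types, so please confirm 7.1 is the intended target. If it is, record it in the -12 history entry as a content change rather than a reference cleanup.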
|
|
372 | 372 | <t>If the protected resource uses OAuth 2.0 client credentials to
|
373 | 373 | authenticate to the introspection endpoint and its credentials are
|
374 | 374 | invalid, the authorization server responds with an HTTP 401
|
375 |
| - (Unauthorized) as described in section 5.2 of <xref |
376 |
| - target="RFC6749">OAuth 2.0 </xref>.</t> |
| 375 | + (Unauthorized) as described in <xref target="RFC6749">OAuth 2.0 |
| 376 | + </xref> Section 5.2.</t> |
377 | 377 |
|
378 | 378 | <t>If the protected resource uses an OAuth 2.0 bearer token to
|
379 | 379 | authorize its call to the introspection endpoint and the token used
|
380 | 380 | for authorization does not contain sufficient privileges or is
|
381 | 381 | otherwise invalid for this request, the authorization server responds
|
382 |
| - with an HTTP 401 code as described in section 3 of <xref |
383 |
| - target="RFC6750">OAuth 2.0 Bearer Token Usage</xref>.</t> |
| 382 | + with an HTTP 401 code as described in <xref target="RFC6750">OAuth 2.0 |
| 383 | + Bearer Token Usage</xref> Section 3.</t> |
384 | 384 |
|
385 | 385 | <t>Note that a properly formed and authorized query for an inactive or
|
386 | 386 | otherwise invalid token (or a token the protected resource is not
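Review bot: In the first added reference (new lines 375-376) the line break falls inside the xref element, so the link text becomes "OAuth 2.0" plus trailing whitespace before `</xref>`; the removed version carried the same stray space. Put the closing tag directly after the text, as the RFC6750 reference in this hunk does, e.g. `<xref target="RFC6749">OAuth 2.0</xref> Section 5.2.</t>`.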
|
|
817 | 817 | <section title="Document History">
|
818 | 818 | <t>[[ To be removed by the RFC Editor. ]]</t>
|
819 | 819 |
|
| 820 | + <t>-12</t> |
| 821 | + |
| 822 | + <t><list style="symbols"> |
| 823 | + <t>Updated references to fix IETF tools wonkiness.</t> |
| 824 | + </list></t> |
| 825 | + |
820 | 826 | <t>-11</t>
|
821 | 827 |
|
822 | 828 | <t><list style="symbols">
|
|