draft-ietf-oauth-revocation-08.txt   draft-ietf-oauth-revocation-09.txt 
OAuth Working Group T. Lodderstedt, Ed. OAuth Working Group T. Lodderstedt, Ed.
Internet-Draft Deutsche Telekom AG Internet-Draft Deutsche Telekom AG
Intended status: Standards Track S. Dronia Intended status: Standards Track S. Dronia
Expires: November 20, 2013 M. Scurtescu Expires: November 20, 2013 M. Scurtescu
Google Google
May 19, 2013 May 19, 2013
OAuth Token Revocation OAuth 2.0 Token Revocation
draft-ietf-oauth-revocation-08 draft-ietf-oauth-revocation-09
Abstract Abstract
This document proposes an additional endpoint for OAuth authorization This document proposes an additional endpoint for OAuth authorization
servers, which allows clients to notify the authorization server that servers, which allows clients to notify the authorization server that
a previously obtained refresh or access token is no longer needed. a previously obtained refresh or access token is no longer needed.
This allows the authorization server to cleanup security credentials. This allows the authorization server to cleanup security credentials.
A revocation request will invalidate the actual token and, if A revocation request will invalidate the actual token and, if
applicable, other tokens based on the same authorization grant. applicable, other tokens based on the same authorization grant.
 End of changes. 1 change blocks. 
2 lines changed or deleted 2 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/