Implemented Standards
  • 12 Oct 2024

Implemented technologies and standards

Abblix OIDC Server fully implements a comprehensive suite of advanced standards for authorization and security, providing a robust and secure environment for authorization data handling. Here are the key standards implemented in our product.

  • The OAuth 2.0 Authorization Framework: RFC 6749: Defines procedures for secure authorization of applications.

  • The OAuth 2.0 Authorization Framework: Bearer Token Usage: RFC 6750: Explains how to securely use bearer tokens to access resources.

  • OAuth 2.0 Token Revocation: RFC 7009: Describes methods to securely cancel access and refresh tokens.

  • JSON Web Token (JWT): RFC 7519: Defines structure and use of JWTs for representing claims securely.

  • JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants: RFC 7523: Uses JWTs for secure client authentication and as authorization grants.

  • Proof Key for Code Exchange by OAuth Public Clients: RFC 7636: Improves security for public clients during authorization code exchange.

  • OAuth 2.0 Token Introspection: RFC 7662: Allows resource servers to verify the active state and metadata of tokens.

  • OAuth 2.0 Dynamic Client Registration Protocol: RFC 7591: Provides mechanisms for clients to register dynamically with authorization servers.

  • OAuth 2.0 Token Exchange: RFC 8693: Details the method for a secure exchange of one token type for another.

  • JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens: RFC 9068: Specifies the use of JWTs as OAuth 2.0 access tokens.

  • The OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request (JAR): RFC 9101: Secures authorization requests using JWTs.

  • OAuth 2.0 Pushed Authorization Requests: RFC 9126: Enhances security by allowing clients to push authorization requests directly to the server.

  • OAuth 2.0 Authorization Server Issuer Identification: RFC 9207: Ensures the authenticity of authorization servers to clients.

  • OAuth 2.0 Multiple Response Type Encoding Practices: Core Specification: Defines how multiple response types are combined and encoded in a single OAuth 2.0 authorization request and its response.

  • OAuth 2.0 Form Post Response Mode: Core Specification: Transmits OAuth 2.0 responses via HTTP form posts.

  • OAuth 2.0 Resource Indicators: RFC 8707: Lets clients indicate the resource(s) a requested token is intended for, enhancing security and access control.

  • OpenID Connect Core: Core Specification: Core functionality for OpenID Connect identity layer over OAuth 2.0.

  • OpenID Connect Discovery: Detailed Specification: Enables clients to discover provider configurations dynamically.

  • OpenID Connect RP-Initiated Logout: Detailed Specification: Details logout initiated by relying parties.

  • OpenID Connect Session Management: Detailed Specification: Manages user session states in identity providers.

  • OpenID Connect Front-Channel Logout: Detailed Specification: Handles logout requests through front-channel communication.

  • OpenID Connect Back-Channel Logout: Detailed Specification: Manages logout processes using back-channel communication.

  • OpenID Connect Dynamic Client Registration: Detailed Specification: Enables OpenID Connect clients to register dynamically with providers.

  • OpenID Connect Core: Pairwise Pseudonymous Identifiers (PPID): Core Specification: Implements a privacy mechanism by issuing a different subject identifier for the same user to each client, so relying parties cannot correlate users across clients.

  • OpenID Connect Client-Initiated Backchannel Authentication (CIBA): Core Specification: Enables secure user authentication via backchannel communication on devices without direct web access, ideal for IoT and financial services scenarios.