Implemented Standards
  • 02 May 2024
  • 2 Minutes to read

Implemented Standards


Article summary

Implemented technologies and standards

Abblix OIDC Server fully implements a comprehensive suite of advanced standards for authorization and security, providing a robust and secure environment for authorization data handling. Here are the key standards implemented in our product.

  • The OAuth 2.0 Authorization Framework: RFC 6749: Defines procedures for secure authorization of applications.
  • The OAuth 2.0 Authorization Framework: Bearer Token Usage: RFC 6750: Explains how to securely use bearer tokens to access resources.
  • OAuth 2.0 Token Revocation: RFC 7009: Describes methods to securely cancel access and refresh tokens.
  • JSON Web Token (JWT): RFC 7519: Defines structure and use of JWTs for representing claims securely.
  • JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants: RFC 7523: Uses JWTs for secure client authentication and as authorization grants.
  • Proof Key for Code Exchange by OAuth Public Clients: RFC 7636: Improves security for public clients during authorization code exchange.
  • OAuth 2.0 Token Introspection: RFC 7662: Allows resource servers to verify the active state and metadata of tokens.
  • OAuth 2.0 Dynamic Client Registration Protocol: RFC 7591: Provides mechanisms for clients to register dynamically with authorization servers.
  • OAuth 2.0 Token Exchange: RFC 8693: Details the method for a secure exchange of one token type for another.
  • JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens: RFC 9068: Specifies the use of JWTs as OAuth 2.0 access tokens.
  • The OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request (JAR): RFC 9101: Secures authorization requests using JWTs.
  • OAuth 2.0 Pushed Authorization Requests: RFC 9126: Enhances security by allowing clients to push authorization requests directly to the server.
  • OAuth 2.0 Authorization Server Issuer Identification: RFC 9207: Ensures the authenticity of authorization servers to clients.
  • OpenID Connect Core: Core Specification: Core functionality for OpenID Connect identity layer over OAuth 2.0.
  • OpenID Connect Discovery: Detailed Specification: Enables clients to discover provider configurations dynamically.
  • OpenID Connect RP-Initiated Logout: Detailed Specification: Details logout initiated by relying parties.
  • OpenID Connect Session Management: Detailed Specification: Manages user session states in identity providers.
  • OpenID Connect Front-Channel Logout: Detailed Specification: Handles logout requests through front-channel communication.
  • OpenID Connect Back-Channel Logout: Detailed Specification: Manages logout processes using back-channel communication.
  • OAuth 2.0 Multiple Response Type Encoding Practices: Core Specification: Encodes different response types in OAuth 2.0 requests.
  • OAuth 2.0 Form Post Response Mode: Core Specification: Transmits OAuth 2.0 responses via HTTP form posts.
  • OpenID Connect Dynamic Client Registration: Detailed Specification: Enables OpenID Connect clients to register dynamically with providers.
  • OpenID Connect Core: Pairwise Pseudonymous Identifiers (PPID): Core Specification: Implements a privacy mechanism by generating unique identifiers for clients.