Abstract
This document defines how to authenticate users and accessing parties on a web-services interface. It also defines how a resource owner can delegate access to its resources to an accessing party. Within this context, this document also defines the necessary roles and required separation of duties between these in order to fulfil requirements stated on security, data privacy and data protection.
All conditions and dependencies of the roles are defined towards a reference implementation using OAuth 2.0 compatible framework and OpenID Connect 1.0 compatible framework.
General information
-
Status: PublishedPublication date: 2021-11Stage: International Standard published [60.60]
-
Edition: 2Number of pages: 24
-
Technical Committee :ISO/TC 22/SC 31ICS :43.040.15
- RSS updates
Life cycle
-
Previously
WithdrawnISO 20078-3:2019
-
Now