A new RFC Published: The GNAP Core Protocol
The GNAP Core protocol has just been published as RFC 9635. The protocol has been in the works for 5 years, four of them within the GNAP Working Group of the IETF, which I co-chaired with Leif Johansson. I am very proud of the final product.
The GNAP RFC establishes a flexible framework for managing access rights between different parties. It streamlines the process of requesting, granting, and managing authorization, enabling greater adaptability and control in diverse environments. By introducing standardized interactions and data structures, GNAP facilitates seamless communication between clients seeking access and authorization servers responsible for granting it. This versatile protocol supports various authorization models and grant types, offering the flexibility to accommodate a wide range of use cases and security requirements.
While OAuth remains deeply entrenched in the...