Start with Identity
News

IETF publishes OAuth 2.0 Security Best Current Practice as RFC 9700

The OAuth 2.0 Security BCP became RFC 9700, consolidating hardening guidance such as PKCE everywhere and sender-constrained tokens.

By SWI Community Team, Jan 21, 2025


Source: IETF

Independent analysis. No vendor sponsorship.