oauth2.dev

ace_profile

IETF

Registry Context

`ace_profile` is a the ACE profile a token is supposed to be used with. claim.

Technical Summary

Authentication and Authorization for Constrained Environments Using the OAuth 2.0 Framework (ACE-OAuth) Section 5.10 defines `ace_profile` for JWT claim sets with the registry description: The ACE profile a token is supposed to be used with..

When Used

Used in JWTs that follow Authentication and Authorization for Constrained Environments Using the OAuth 2.0 Framework (ACE-OAuth) Section 5.10.

Normative Requirements

Authorization servers

MAY
1
  1. 9200 - Section 5.10

    include an `ace_profile` claim in the access token..

    Condition: When it needs to convey a hint to the resource server about which ACE profile to use.

    the AS MAY include an ace_profile claim in the access token

Validation Guidance

error

When processing `ace_profile`, apply the syntax and semantics from Authentication and Authorization for Constrained Environments Using the OAuth 2.0 Framework (ACE-OAuth) Section 5.10.

info

Treat `ace_profile` as profile-specific unless the JWT explicitly follows the referenced specification.

Reference

Details

Entry Id
ace_profile
Claim Name
ace_profile
Claim Description
The ACE profile a token is supposed to be used with.
Change Controller
IETF
Reference
RFC9200 - Section 5.10