oauth2.dev

may_act

IESG

Registry Context

`may_act` is an authorized Actor - the party that is authorized to become the actor claim.

Technical Summary

OAuth 2.0 Token Exchange Section 4.4 defines `may_act` for JWT claim sets with the registry description: Authorized Actor - the party that is authorized to become the actor.

When Used

Used in JWTs that follow OAuth 2.0 Token Exchange Section 4.4.

Validation Guidance

info

When processing `may_act`, apply the syntax and semantics from OAuth 2.0 Token Exchange Section 4.4.

info

Treat `may_act` as profile-specific unless the JWT explicitly follows the referenced specification.

Reference

Details

Entry Id
may_act
Claim Name
may_act
Claim Description
Authorized Actor - the party that is authorized to become the actor
Change Controller
IESG
Reference
RFC8693 - Section 4.4