actor_ token
Registry Context
An optional token exchange request parameter containing a security token that represents the acting party's identity.
Technical Summary
In an RFC 8693 token exchange request, actor_token represents the acting party. When present, actor_token_type is required, and the authorization server validates the actor token according to its indicated token type.
When Used
Used when a token exchange involves an acting party, typically one authorized to use the requested security token and act on behalf of the subject.
Normative Requirements
Clients
RFC 8693 - Section 2.1
include actor_token_type..
Condition: When actor_token is absent from the request.
actor_token_type MUST NOT be included otherwise.
RFC 8693 - Section 2.1
include actor_token_type..
Condition: When actor_token is present in the request.
This is REQUIRED when the actor_token parameter is present in the request.
RFC 8693 - Section 2.1
The actor_token parameter is optional in a token exchange request..
Condition: When making an OAuth 2.0 token exchange request.
actor_token OPTIONAL. A security token that represents the identity of the acting party.
Authorization servers
RFC 8693 - Section 2.1
perform the appropriate validation procedures for the actor token's indicated token type..
Condition: When actor_token is present in the request.
the authorization server MUST perform the appropriate validation procedures for the indicated token type and, if the actor token is present, also perform the appropriate validation procedures for its indicated token type.
Validation Guidance
Verify that actor_token_type is included whenever actor_token is present.
Verify that actor_token_type is not included when actor_token is absent.
When actor_token is present, validate it using the procedures appropriate for the token type indicated by actor_token_type.
Do not require actor_token in every token exchange request.
Reference
Details
- Entry Id
actor_token - Name
actor_token - Parameter Usage Location
token request- Change Controller
IESG- Reference
RFC8693 - Section 2.1