actor_ token_ type
Registry Context
`actor_token_type` identifies the type of security token supplied in `actor_token`. It is required when `actor_token` is present and must not be included otherwise. Token type identifiers are URIs.
Technical Summary
In an RFC 8693 token exchange request, `actor_token_type` is the token type identifier for `actor_token`. The authorization server must apply the validation procedures appropriate to the indicated actor token type when an actor token is present.
When Used
Used in OAuth 2.0 Token Exchange requests that include an `actor_token` representing the acting party.
Normative Requirements
Clients
RFC 8693 - Section 2.1
Include `actor_token_type` in the token exchange request..
Condition: When `actor_token` is absent from the request.
MUST NOT be included otherwise.
RFC 8693 - Section 2.1
Include `actor_token_type` in the token exchange request..
Condition: When `actor_token` is present in the request.
This is REQUIRED when the actor_token parameter is present in the request.
RFC 8693 - Section 3
Use another URI to indicate an additional token type..
Condition: When none of the token type identifiers defined by RFC 8693 is appropriate.
Other URIs MAY be used to indicate other token types.
Authorization servers
RFC 8693 - Section 2.1
Perform the validation procedures appropriate for the actor token's indicated token type..
Condition: When an actor token is present.
The authorization server MUST perform the appropriate validation procedures for the indicated token type and, if the actor token is present, also perform the appropriate validation procedures for its indicated token type.
Validation Guidance
Reject requests that include `actor_token` without `actor_token_type`.
Reject requests that include `actor_token_type` without `actor_token`.
Verify that `actor_token_type` is a URI identifying the supplied actor token's type.
Validate the actor token using the procedures appropriate for the token type identified by `actor_token_type`.
Security Notes
RFC 8693 - Section 2.1
When an actor token is present, the authorization server must validate it using the procedures appropriate for its indicated token type.
Reference
Details
- Entry Id
actor_token_ type - Name
actor_token_ type - Parameter Usage Location
token request- Change Controller
IESG- Reference
RFC8693 - Section 2.1