oauth2.dev

dpop_jkt

IETF

Registry Context

`dpop_jkt` binds an authorization code to a specific DPoP public key by carrying that key's JWK Thumbprint in the authorization request. At the token endpoint, the authorization server verifies that the DPoP proof uses the same key.

Technical Summary

Defined in RFC 9449 Section 10, `dpop_jkt` contains the SHA-256 JWK Thumbprint of the proof-of-possession public key. The authorization server compares it with the thumbprint of the public key in the token request's DPoP proof and rejects a mismatch.

When Used

Optionally used in authorization requests to bind an authorization code to a DPoP key. With PAR, it can be included in the PAR POST body; RFC 9449 also defines use of a DPoP header as an alternative.

Normative Requirements

Clients

MUST
1

  1. RFC 9449 - Section 10.1

    Include `dpop_jkt` alongside the other authorization request parameters in the POST body of the PAR request..

    Condition: When PAR and DPoP are used and `dpop_jkt` is the mechanism used to communicate the DPoP key.

    dpop_jkt MUST be included alongside other authorization request parameters in the POST body of the PAR request.

MAY
1

  1. RFC 9449 - Section 10

    Use `dpop_jkt` in combination with PKCE..

    the dpop_jkt authorization request parameter MAY also be used in combination with Proof Key for Code Exchange (PKCE)

OPTIONAL
1

  1. RFC 9449 - Section 10

    Use the `dpop_jkt` authorization request parameter..

    Use of the dpop_jkt authorization request parameter is OPTIONAL.

Authorization servers

MUST
5

  1. RFC 9449 - Section 10

    Reject the token request if the JWK Thumbprint of the public key in its DPoP proof does not match the `dpop_jkt` value from the authorization request..

    Condition: When processing a token request for an authorization request containing `dpop_jkt`.

    If they do not match, it MUST reject the request.

  2. RFC 9449 - Section 10.1

    Check the DPoP proof JWT as defined in RFC 9449 Section 4.3..

    Condition: When the DPoP header is included in a PAR request as the alternative to `dpop_jkt`.

    the authorization server MUST check the provided DPoP proof JWT as defined in Section 4.3.

  3. RFC 9449 - Section 10.1

    Treat the public key thumbprint in a PAR request's DPoP header as if it were provided through `dpop_jkt`, rejecting a subsequent token request unless its DPoP proof uses the same key..

    Condition: When the DPoP header is included in the PAR request.

    It MUST further behave as if the contained public key's thumbprint was provided using dpop_jkt

  4. RFC 9449 - Section 10.1

    Support both the `dpop_jkt` parameter and DPoP-header mechanisms for communicating the DPoP key in a PAR request..

    Condition: When the authorization server supports both PAR and DPoP.

    Both mechanisms MUST be supported by an authorization server that supports PAR and DPoP.

  5. RFC 9449 - Section 10.1

    Reject the PAR request if the JWK Thumbprint in `dpop_jkt` does not match the public key in the DPoP header..

    Condition: When both mechanisms are used in the same PAR request.

    the authorization server MUST reject the request if the JWK Thumbprint in dpop_jkt does not match the public key in the DPoP header.

Validation Guidance

error

Validate that `dpop_jkt` contains the SHA-256 JWK Thumbprint of the proof-of-possession public key.

error

Reject a token request when its DPoP proof key thumbprint does not match the `dpop_jkt` value from the authorization request.

error

When `dpop_jkt` communicates the DPoP key through PAR, require it in the PAR POST body alongside the other authorization request parameters.

error

When a DPoP header communicates the key through PAR, validate its proof and require the subsequent token request's DPoP proof to use the same key.

error

An authorization server supporting PAR and DPoP must support both key-communication mechanisms.

error

If a PAR request contains both `dpop_jkt` and a DPoP header, reject it when they identify different keys.

Security Notes

RFC 9449 - Section 10

Binding the authorization code to the client's proof-of-possession key can enable end-to-end binding of the authorization flow.

RFC 9449 - Section 10

When `dpop_jkt` is used for protections similar to PKCE's authorization-code-injection countermeasure, a unique DPoP key is needed for each authorization request.

Reference

RFC9449 - Section 10

Details

Entry Id
dpop_jkt
Name
dpop_jkt
Parameter Usage Location
authorization request
Change Controller
IETF
Reference
RFC9449 - Section 10