requested_ token_ type
Registry Context
`requested_token_type` is an optional token exchange request parameter that identifies the type of security token the client is requesting.
Technical Summary
In an RFC 8693 token exchange request, `requested_token_type` carries a token type identifier. Section 3 specifies that token type identifiers are URIs.
When Used
Use it when requesting a particular output token type in an OAuth 2.0 token exchange. If omitted, the authorization server chooses the issued token type.
Normative Requirements
Clients
RFC 8693 - Section 2.1
Include the `requested_token_type` parameter to identify the type of security token requested..
Condition: When making a token exchange request.
requested_token_type OPTIONAL. An identifier, as described in Section 3, for the type of the requested security token.
Unspecified actor
RFC 8693 - Section 3
Use token type identifier URIs other than those defined by RFC 8693 to indicate other token types..
Other URIs MAY be used to indicate other token types.
Validation Guidance
Accept omission of `requested_token_type` as valid input.
When present, verify that `requested_token_type` is a URI representing a token type identifier.
Do not restrict the value to token type identifiers defined by RFC 8693; other URI identifiers are permitted.
Treat the value as an identifier describing the requested token type, not as the requested token itself.
Reference
Details
- Entry Id
requested_token_ type - Name
requested_token_ type - Parameter Usage Location
token request- Change Controller
IESG- Reference
RFC8693 - Section 2.1