Support RFC 8707

Feature: Support RFC 8707

Description: 3rd party binaries implementing the OAuth2 standard generally follow the RFCs and specs aggregated on Code — OAuth. If RFC 8707 were implemented, the “resource” parameter could be used alternatively to or in lieu of the “audience” parameter of the token endpoint which would increase compatibility of those 3rd party binaries without costly patches and custom builds.

Use-case: Envoy Proxy implements the OAuth2 standard through a filter and its configuration allows a list of “resources” to be provided that are appended as individual “resource” query parameters to the token endpoint. (OAuth2 — envoy 1.20.0-dev-fd511f documentation). If RFC 8707 were implemented, the publicly available builds of Envoy Proxy would be usable as a generalized, reverse proxy solution for web applications that includes authentication flow and token caching.

Hi @devops7,

Welcome to the Auth0 Community!

I moved this to the Feature Request category for better visibility.


1 Like