OpenStack Identity (keystone)

OAuth2.0 mutual TLS support

Registered by Hiromu Asahina

Provide the option for users to proof-of-possession of OAuth2.0 access token based on `RFC8705 OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens`. Users will be able to authenticate their OAuth2.0 client with a client certificate instead of using Basic authentication with client_id/client_secret to prevent a token from being used by a malicious client.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Hiromu Asahina
Direction:
Needs approval
Assignee:
Hiromu Asahina
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.opendev.org/#/q/topic:bp/support-oauth2-mtls

Addressed by: https://review.opendev.org/c/openstack/keystone-specs/+/843765
    OAuth 2.0 Mutual-TLS Support

Addressed by: https://review.opendev.org/c/openstack/keystone/+/860613
    OAuth 2.0 Mutual-TLS Support

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.