OAuth 2.0 Rich Authorization Requests
OAuth 2.0 Rich Authorization Requests (RAR, RFC 9396) also addresses fine-grained authorization.
It enhances OAuth 2.0 by providing a more detailed and expressive way to define authorization requirements, making it suitable for scenarios that require fine-grained control over access permissions.
In traditional OAuth 2.0 flows, the scope parameter is used to request a limited set of permissions (e.g., read, write). However, scopes are often too coarse and do not provide the flexibility needed for many applications that require precise access control. RAR solves this by enabling clients to provide a rich set of parameters to describe what specific access they require.
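The following added example (not from the original page or from RFC 9396 itself) shows what those parameters look like in practice: the client sends an `authorization_details` JSON array whose entries each carry a `type`, and the server validates the structure before enforcing it with a deny-by-default check. The function names, the sample value, the API URL, and the rule that an entry without `actions` or `locations` grants nothing are assumptions made for illustration.

```python
import json

# Common RFC 9396 fields whose values are arrays of strings.
ARRAY_FIELDS = ("locations", "actions", "datatypes", "privileges")

# Constructed sample value of the authorization_details request parameter.
# With plain scopes the client could only have asked for something like "write".
SAMPLE = json.dumps([{
    "type": "payment_initiation",
    "actions": ["initiate", "status"],
    "locations": ["https://api.example.com/payments"],
    "instructedAmount": {"currency": "EUR", "amount": "123.50"},
}])


def parse_authorization_details(raw, known_types):
    """Parse authorization_details and reject malformed or unknown entries."""
    details = json.loads(raw)
    if not isinstance(details, list):
        raise ValueError("authorization_details must be a JSON array")
    for entry in details:
        if not isinstance(entry, dict) or not isinstance(entry.get("type"), str):
            raise ValueError("each entry must be an object with a string 'type'")
        # An authorization server must not process types it does not understand.
        if entry["type"] not in known_types:
            raise ValueError("unknown authorization details type")
        for field in ARRAY_FIELDS:
            value = entry.get(field, [])
            if not isinstance(value, list) or not all(isinstance(v, str) for v in value):
                raise ValueError(f"'{field}' must be an array of strings")
    return details


def is_permitted(details, type_, action, location):
    """Deny by default: allow only if a single entry grants type, action and location.

    Assumption: an entry that omits 'actions' or 'locations' grants nothing.
    """
    return any(
        e["type"] == type_
        and action in e.get("actions", [])
        and location in e.get("locations", [])
        for e in details
    )
```
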