Big ACL Docs

OAuth 2.0 Rich Authorization Requests

OAuth 2.0 Rich Authorization Requests (RAR, RFC 9396) also belongs to the field of fine-grained authorization.

It enhances OAuth 2.0 by providing a more detailed and expressive way to define authorization requirements, making it suitable for scenarios that require fine-grained control over access permissions.

In traditional OAuth 2.0 flows, the scope parameter is used to request a limited set of permissions (e.g., read, write). However, scopes are often too coarse and do not provide the flexibility needed for many applications that require precise access control. RAR solves this by enabling clients to provide a rich set of parameters to describe what specific access they require.
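The difference between a scope and a RAR grant, as an added example that is not part of the Big ACL documentation: a resource server checks a request against the `authorization_details` array defined by RFC 9396. The sample values, the `payments` scope name, the `REQUIRED` table and the exact-match policy are assumptions made for illustration, since each API defines the semantics of its own `type`.

```python
import json
from decimal import Decimal

# Constructed sample of granted authorization_details (a JSON array of objects).
# "type", "actions" and "locations" are RFC 9396 fields; "instructedAmount" is
# an API-specific field of this hypothetical payment type.
GRANTED = json.loads("""
[{"type": "payment_initiation",
  "actions": ["initiate", "status"],
  "locations": ["https://api.example.com/payments"],
  "instructedAmount": {"currency": "EUR", "amount": "123.50"}}]
""")

# Hypothetical type definition: fields every object of a known type must carry.
REQUIRED = {"payment_initiation": {"actions", "locations", "instructedAmount"}}


def validate(details):
    """Reject unknown types and incomplete objects instead of ignoring them."""
    if not isinstance(details, list) or not details:
        raise ValueError("invalid_authorization_details")
    for d in details:
        t = d.get("type") if isinstance(d, dict) else None
        if not isinstance(t, str) or t not in REQUIRED or not REQUIRED[t] <= d.keys():
            raise ValueError("invalid_authorization_details")
    return details


def scope_allows(scope):
    """Coarse check: a scope string cannot express amount or endpoint."""
    return "payments" in scope.split()


def rar_allows(details, action, location, currency, amount):
    """Fine-grained check: one granted object must match every constraint."""
    for d in validate(details):
        granted = d["instructedAmount"]
        if (action in d["actions"] and location in d["locations"]
                and currency == granted.get("currency") and "amount" in granted
                and Decimal(amount) == Decimal(granted["amount"])):
            return True
    return False  # deny by default
```

With only the scope, a request for any amount passes; with the RAR grant, a different amount, action or endpoint is denied.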

Last updated 6 months ago
