HTurn password into restricted token. OAuth 1.0 RFC 5849: The OAuth 1.0 Protocol OAuth 2.0 Base: RFC 6749: The OAuth 2.0 Authorization Framework RFC 8252: OAuth 2.0 for Native Apps RFC 9700: Best Current Practice for OAuth 2.0 Security OAuth 2.1 draft-ietf-oauth-v2-1-15 - The OAuth 2.1 Authorization Framework Links PKCE OpenID