Skip to content

OAuth security BCP addition #843

Description

@bitbucket-import-issues

Originally submitted by josephheenan (Joseph Heenan) on 2026-03-16

Note that there's an update to the OAuth security in progress:

https://datatracker.ietf.org/doc/draft-ietf-oauth-security-topics-update/

We should probably address the document and each mentioned attack in some way.

1 attack is the private_key_jwt aud issue that's already addressed. I'm not sure about the others.


Bitbucket status: new

Bitbucket origin: issue 855

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions