Supported Specifications
========================

IdentityServer implements the following specifications:

OpenID Connect
^^^^^^^^^^^^^^

* OpenID Connect Core 1.0 (`spec <http://openid.net/specs/openid-connect-core-1_0.html>`_)
* OpenID Connect Discovery 1.0 (`spec <http://openid.net/specs/openid-connect-discovery-1_0.html>`_)
* OpenID Connect RP-Initiated Logout 1.0 - draft 01 (`spec <https://openid.net/specs/openid-connect-rpinitiated-1_0.html>`_)
* OpenID Connect Session Management 1.0 - draft 30 (`spec <http://openid.net/specs/openid-connect-session-1_0.html>`_)
* OpenID Connect Front-Channel Logout 1.0 - draft 04 (`spec <https://openid.net/specs/openid-connect-frontchannel-1_0.html>`_)
* OpenID Connect Back-Channel Logout 1.0 - draft 06 (`spec <https://openid.net/specs/openid-connect-backchannel-1_0.html>`_)

OAuth 2.0
^^^^^^^^^

* OAuth 2.0 (`RFC 6749 <http://tools.ietf.org/html/rfc6749>`_)
* OAuth 2.0 Bearer Token Usage (`RFC 6750 <http://tools.ietf.org/html/rfc6750>`_)
* OAuth 2.0 Multiple Response Types (`spec <http://openid.net/specs/oauth-v2-multiple-response-types-1_0.html>`_)
* OAuth 2.0 Form Post Response Mode (`spec <http://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html>`_)
* OAuth 2.0 Token Revocation (`RFC 7009 <https://tools.ietf.org/html/rfc7009>`_)
* OAuth 2.0 Token Introspection (`RFC 7662 <https://tools.ietf.org/html/rfc7662>`_)
* Proof Key for Code Exchange (`RFC 7636 <https://tools.ietf.org/html/rfc7636>`_)
* JSON Web Tokens for Client Authentication (`RFC 7523 <https://tools.ietf.org/html/rfc7523>`_)
* OAuth 2.0 Device Authorization Grant (`RFC 8628 <https://tools.ietf.org/html/rfc8628>`_)
* OAuth 2.0 Mutual TLS Client Authentication and Certificate-Bound Access Tokens (`RFC 8705 <https://tools.ietf.org/html/rfc8705>`_)
* JWT Secured Authorization Request (`draft <https://tools.ietf.org/html/draft-ietf-oauth-jwsreq>`_)