{"draft":"draft-ietf-sipcore-sip-token-authnz-17","doc_id":"RFC8898","title":"Third-Party Token-Based Authentication and Authorization for Session Initiation Protocol (SIP)","authors":["R. Shekh-Yusef","C. Holmberg","V. Pascual"],"format":["HTML","TEXT","PDF","XML"],"page_count":"15","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Session Initiation Protocol Core","abstract":"This document defines the \"Bearer\" authentication scheme for the\r\nSession Initiation Protocol (SIP) and a mechanism by which user\r\nauthentication and SIP registration authorization is delegated to a\r\nthird party, using the OAuth 2.0 framework and OpenID Connect Core\r\n1.0.  This document updates RFC 3261 to provide guidance on how a SIP\r\nUser Agent Client (UAC) responds to a SIP 401\/407 response that\r\ncontains multiple WWW-Authenticate\/Proxy-Authenticate header fields.","pub_date":"September 2020","keywords":["SIP OAuth","3rd party authentication","Third party authentication"],"obsoletes":[],"obsoleted_by":[],"updates":["RFC3261"],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC8898","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc8898"}