Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

2.1 Transport

These extensions transport messages over TCP, as specified in [RFC793], and do not pass any specific parameters to the transport. Transport-layer security MUST be used to secure the security tokens. These extensions use HTTPS, as specified in [RFC2818], to do so.

Messages sent using these extensions are not encoded by Open-Data, as specified in [MS-ODATA], and use the default character set defined by the client or the server.

Security tokens are JWTs and are sent using HTTP Authorization headers, as specified in [IETFDRAFT-JWT]. HTTP Authorization headers are specified in [RFC2617].

© 2015 Microsoft