Internet Assigned Numbers Authority • Domains • Protocols • Numbers • About Authentication and Authorization for Constrained Environments (ACE) Created 2021-07-27 Last Updated 2026-04-08 Available Formats [IMG] XML [IMG] HTML [IMG] Plain text Registries Included Below • ACE Authorization Server Request Creation Hints • OAuth Error Code CBOR Mappings • OAuth Grant Type CBOR Mappings • OAuth Access Token Type CBOR Mappings • ACE Profiles • OAuth Parameters CBOR Mappings • OAuth Token Introspection Response CBOR Mappings • OSCORE Security Context Parameters • ACE Groupcomm Parameters • ACE Groupcomm Key Types • ACE Groupcomm Profiles • ACE Groupcomm Policies • Sequence Number Synchronization Methods • ACE Groupcomm Errors • ACE Groupcomm Rekeying Schemes • ACE Token Revocation List Parameters • ACE Token Revocation List Errors • Group OSCORE Roles ACE Authorization Server Request Creation Hints Expert(s) Göran Selander Reference [RFC9200] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action 256 to 65535 Specification Required greater than 65535 Expert Review Name CBOR Key Value Type Reference Reserved for Private Use less than -65536 [RFC9200] AS 1 text string [RFC9200] kid 2 byte string [RFC9200] audience 5 text string [RFC9200] scope 9 text or byte string [RFC9200] cnonce 39 byte string [RFC9200] OAuth Error Code CBOR Mappings Expert(s) Göran Selander Reference [RFC9200] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 or greater Expert Review Name CBOR Value Reference Original Specification Reserved for Private Use less than -65536 [RFC9200] invalid_request 1 [RFC9200] [RFC 6749, Section 5.2] invalid_client 2 [RFC9200] [RFC 6749, Section 5.2] invalid_grant 3 [RFC9200] [RFC 6749, Section 5.2] unauthorized_client 4 [RFC9200] [RFC 6749, Section 5.2] unsupported_grant_type 5 [RFC9200] [RFC 6749, Section 5.2] invalid_scope 6 [RFC9200] [RFC 6749, Section 5.2] unsupported_pop_key 7 [RFC9200] [RFC9200] incompatible_ace_profiles 8 [RFC9200] [RFC9200] OAuth Grant Type CBOR Mappings Expert(s) Göran Selander Reference [RFC9200] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 or greater Expert Review Name CBOR Value Reference Original Specification Reserved for Private Use less than -65536 [RFC9200] password 0 [RFC9200] [RFC 6749, Section 4.3.2] authorization_code 1 [RFC9200] [RFC 6749, Section 4.1.3] client_credentials 2 [RFC9200] [RFC 6749, Section 4.4.2] refresh_token 3 [RFC9200] [RFC 6749, Section 6] OAuth Access Token Type CBOR Mappings Expert(s) Göran Selander Reference [RFC9200] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 or greater Expert Review Name CBOR Value Reference Original Specification Reserved for Private Use less than -65536 [RFC9200] Bearer 1 [RFC9200] [RFC6749] PoP 2 [RFC9200] [RFC9200] ACE Profiles Expert(s) Göran Selander Reference [RFC9200] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action 256 to 65535 Specification Required greater than 65535 Expert Review Name Description CBOR Value Reference Reserved for Private Use less than -65536 [RFC9200] Profile for delegating client Authentication and Authorization for Constrained coap_dtls Environments by establishing a Datagram Transport Layer Security (DTLS) or 1 [RFC9202][RFC9430] Transport Layer Security (TLS) channel between resource-constrained nodes. coap_oscore Profile for using OSCORE to secure communication between constrained nodes using 2 [RFC9203] the Authentication and Authorization for Constrained Environments framework. Profile for delegating Client authentication and authorization using MQTT for the Client and Broker (RS) interactions and HTTP for the AS interactions. TLS is used mqtt_tls for confidentiality and integrity protection and server authentication. Client 3 [RFC9431] authentication can be provided either via TLS or using in-band PoP validation at the MQTT application layer. OAuth Parameters CBOR Mappings Expert(s) Göran Selander Reference [RFC9200] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 or greater Expert Review Name CBOR Key Value Type Reference Original Specification Reserved for Private Use less than -65536 [RFC9200] access_token 1 byte string [RFC9200] [RFC6749] expires_in 2 unsigned integer [RFC9200] [RFC6749] req_cnf 4 map [RFC9201, Section 3.1] [RFC9201] audience 5 text string [RFC9200] [RFC8693] cnf 8 map [RFC9201, Section 3.2] [RFC9201] scope 9 text or byte string [RFC9200] [RFC6749] client_id 24 text string [RFC9200] [RFC6749] client_secret 25 byte string [RFC9200] [RFC6749] response_type 26 text string [RFC9200] [RFC6749] redirect_uri 27 text string [RFC9200] [RFC6749] state 28 text string [RFC9200] [RFC6749] code 29 byte string [RFC9200] [RFC6749] error 30 integer [RFC9200] [RFC6749] error_description 31 text string [RFC9200] [RFC6749] error_uri 32 text string [RFC9200] [RFC6749] grant_type 33 unsigned integer [RFC9200] [RFC6749] token_type 34 integer [RFC9200] [RFC6749] username 35 text string [RFC9200] [RFC6749] password 36 text string [RFC9200] [RFC6749] refresh_token 37 byte string [RFC9200] [RFC6749] ace_profile 38 integer [RFC9200] [RFC9200] cnonce 39 byte string [RFC9200] [RFC9200] nonce1 40 bstr [RFC9203] rs_cnf 41 map [RFC9201, Section 3.2] [RFC9201] nonce2 42 bstr [RFC9203] ace_client_recipientid 43 bstr [RFC9203] ace_server_recipientid 44 bstr [RFC9203] sign_info 45 Null or array [RFC9594] kdcchallenge 46 byte string [RFC9594] ecdh_info 47 Null or array [RFC-ietf-ace-key-groupcomm-oscore-21] [RFC-ietf-ace-key-groupcomm-oscore-21] kdc_dh_creds 48 Null or array [RFC-ietf-ace-key-groupcomm-oscore-21] [RFC-ietf-ace-key-groupcomm-oscore-21] OAuth Token Introspection Response CBOR Mappings Expert(s) Göran Selander Reference [RFC9200] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 or greater Expert Review Name CBOR Key Value Type Reference Original Specification Reserved for Private Use less than -65536 [RFC9200] iss 1 text string [RFC9200] [RFC7662] sub 2 text string [RFC9200] [RFC7662] aud 3 text string [RFC9200] [RFC7662] exp 4 integer or floating-point number [RFC9200] [RFC7662] nbf 5 integer or floating-point number [RFC9200] [RFC7662] iat 6 integer or floating-point number [RFC9200] [RFC7662] cti 7 byte string [RFC9200] [RFC9200] cnf 8 map [RFC9201, Section 4] [RFC8705] scope 9 text or byte string [RFC9200] [RFC7662] active 10 True or False [RFC9200] [RFC7662] token 11 byte string [RFC9200] [RFC7662] client_id 24 text string [RFC9200] [RFC7662] error 30 integer [RFC9200] [RFC7662] error_description 31 text string [RFC9200] [RFC7662] error_uri 32 text string [RFC9200] [RFC7662] token_type_hint 33 text string [RFC9200] [RFC7662] token_type 34 integer [RFC9200] [RFC7662] username 35 text string [RFC9200] [RFC7662] ace_profile 38 integer [RFC9200] [RFC9200] cnonce 39 byte string [RFC9200] [RFC9200] exi 40 unsigned integer [RFC9200] [RFC9200] OSCORE Security Context Parameters Expert(s) Göran Selander Reference [RFC9203] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action With Expert Review 256 to 65535 Specification Required greater than 65535 Expert Review Strings of length 1 Standards Action With Expert Review Strings of length 2 Specification Required Strings of length greater than 2 Expert Review Name CBOR Label CBOR Type Registry Description Reference Reserved for Private less than [RFC9203] Use -65536 id 0 byte string OSCORE Input Material [RFC9203] Identifier version 1 unsigned OSCORE Version [RFC9203] integer ms 2 byte string OSCORE Master Secret [RFC9203] value hkdf 3 text string / [COSE Algorithms] Values OSCORE HKDF value [RFC9203] integer (HMAC-based) alg 4 text string / [COSE Algorithms] Values (AEAD) OSCORE AEAD Algorithm [RFC9203] integer value salt 5 byte string an input to OSCORE Master [RFC9203] Salt value contextId 6 byte string OSCORE ID Context value [RFC9203] OSCORE Sender ID assigned group_SenderId 7 byte string to a member of an OSCORE [RFC-ietf-ace-key-groupcomm-oscore-21] group [COSE Header Parameters] Labels Format of authentication cred_fmt 8 integer (integer) credentials to be used in [RFC-ietf-ace-key-groupcomm-oscore-21] the OSCORE group gp_enc_alg 9 text string / [COSE Algorithms] Values OSCORE Group Encryption [RFC-ietf-ace-key-groupcomm-oscore-21] integer Algorithm Value sign_alg 10 text string / [COSE Algorithms] Values OSCORE Signature [RFC-ietf-ace-key-groupcomm-oscore-21] integer Algorithm Value [COSE Algorithms] Capabilities, OSCORE Signature sign_params 11 array [COSE Key Types] Capabilities, Algorithm Parameters [RFC-ietf-ace-key-groupcomm-oscore-21] [COSE Elliptic Curves] Values ecdh_alg 12 text string / [COSE Algorithms] Values OSCORE Pairwise Key [RFC-ietf-ace-key-groupcomm-oscore-21] integer Agreement Algorithm Value [COSE Algorithms] Capabilities, OSCORE Pairwise Key ecdh_params 13 array [COSE Key Types] Capabilities, Agreement Algorithm [RFC-ietf-ace-key-groupcomm-oscore-21] [COSE Elliptic Curves] Values Parameters ACE Groupcomm Parameters Expert(s) Francesca Palombini, Marco Tiloca, Rikard Höglund Reference [RFC9594] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action With Expert Review 256 to 65535 Specification Required greater than 65535 Expert Review Strings of length 1 Standards Action With Expert Review Strings of length 2 Specification Required Strings of length greater than 2 Expert Review Name CBOR Key CBOR Type Reference Reserved for Private Use less than -65536 [RFC9594] gid 0 array [RFC9594] gname 1 array of tstr [RFC9594] guri 2 array of tstr [RFC9594] scope 3 bstr [RFC9594] get_creds 4 Null or array [RFC9594] client_cred 5 bstr [RFC9594] cnonce 6 bstr [RFC9594] gkty 7 int or tstr [RFC9594] key 8 See the [ACE Groupcomm Key Types] registry [RFC9594] num 9 int [RFC9594] ace_groupcomm_profile 10 int [RFC9594] exp 11 uint [RFC9594] exi 12 uint [RFC9594] creds 13 array [RFC9594] peer_roles 14 array [RFC9594] peer_identifiers 15 array [RFC9594] group_policies 16 map [RFC9594] kdc_cred 17 bstr [RFC9594] kdc_nonce 18 bstr [RFC9594] kdc_cred_verify 19 bstr [RFC9594] rekeying_scheme 20 int [RFC9594] group_senderId 21 bstr [RFC-ietf-ace-key-groupcomm-oscore-21] client_cred_verify 24 bstr [RFC9594] creds_repo 25 tstr [RFC9594] control_uri 26 tstr [RFC9594] mgt_key_material 27 bstr [RFC9594] control_group_uri 28 tstr [RFC9594] sign_info 29 Null or array [RFC9594] kdcchallenge 30 bstr [RFC9594] ecdh_info 31 array [RFC-ietf-ace-key-groupcomm-oscore-21] kdc_dh_creds 32 array [RFC-ietf-ace-key-groupcomm-oscore-21] sign_enc_key 33 bstr [RFC-ietf-ace-key-groupcomm-oscore-21] stale_node_ids 34 array [RFC-ietf-ace-key-groupcomm-oscore-21] ACE Groupcomm Key Types Expert(s) Francesca Palombini, Marco Tiloca, Rikard Höglund Reference [RFC9594] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action With Expert Review 256 to 65535 Specification Required greater than 65535 Expert Review Strings of length 1 Standards Action With Expert Review Strings of length 2 Specification Required Strings of length greater than 2 Expert Review Key Name Type Profile Description Reference Value less Reserved for Private Use than [RFC9594] -65536 Reserved 0 This value is reserved [RFC9594] "coap_group_oscore_app", registered in A Group_OSCORE_Input_Material object Group_OSCORE_Input_Material 1 [RFC-ietf-ace-key-groupcomm-oscore-21, encoded as described in [RFC-ietf-ace-key-groupcomm-oscore-21] object Section 17.5] [RFC-ietf-ace-key-groupcomm-oscore-21, Section 6.3] ACE Groupcomm Profiles Expert(s) Francesca Palombini, Marco Tiloca, Rikard Höglund Reference [RFC9594] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action With Expert Review 256 to 65535 Specification Required greater than 65535 Expert Review Name Description CBOR Value Reference Reserved for Private Use less than -65536 [RFC9594] Reserved This value is reserved 0 [RFC9594] Application profile to provision keying material for coap_group_oscore_app participating in group communication protected with Group 1 [RFC-ietf-ace-key-groupcomm-oscore-21] OSCORE as per [draft-ietf-core-oscore-groupcomm] ACE Groupcomm Policies Expert(s) Francesca Palombini, Marco Tiloca, Rikard Höglund Reference [RFC9594] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action With Expert Review 256 to 65535 Specification Required greater than 65535 Expert Review Strings of length 1 Standards Action With Expert Review Strings of length 2 Specification Required Strings of length greater than 2 Expert Review Name CBOR Label CBOR Type Description Reference Reserved for Private Use less than -65536 [RFC9594] Sequence Number Synchronization Method for recipient group members to synchronize with sequence numbers Method 0 int or tstr of sender group members. Its value is taken from the "Value" column of [RFC9594] the "Sequence Number Synchronization Method" registry Key Update Check Interval 1 int Polling interval in seconds, for group members to check at the KDC if the [RFC9594] latest group keying material is the one that they store Number of seconds from 'exp' until a UTC date/time, after which group Expiration Delta 2 uint members MUST stop using the group keying material that they store to [RFC9594] decrypt incoming messages Sequence Number Synchronization Methods Expert(s) Francesca Palombini, Marco Tiloca, Rikard Höglund Reference [RFC9594] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action With Expert Review 256 to 65535 Specification Required greater than 65535 Expert Review Strings of length 1 Standards Action With Expert Review Strings of length 2 Specification Required Strings of length greater than 2 Expert Review Name Value Description Reference Reserved for Private Use less than -65536 [RFC9594] ACE Groupcomm Errors Expert(s) Francesca Palombini, Marco Tiloca, Rikard Höglund Reference [RFC9594] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action With Expert Review 256 to 65535 Specification Required greater than 65535 Expert Review Value Description Reference less than -65536 Reserved for Private Use [RFC9594] 0 Operation permitted only to group members [RFC9594] 1 Request inconsistent with the current roles [RFC9594] 2 Authentication credential incompatible with the group configuration [RFC9594] 3 Invalid proof-of-possession evidence [RFC9594] 4 No available individual keying material [RFC9594] 5 Group membership terminated [RFC9594] 6 Group deleted [RFC9594] 7 Signatures not used in the group [RFC-ietf-ace-key-groupcomm-oscore-21] 8 Operation permitted only to signature verifiers [RFC-ietf-ace-key-groupcomm-oscore-21] 9 Group currently not active [RFC-ietf-ace-key-groupcomm-oscore-21] ACE Groupcomm Rekeying Schemes Expert(s) Francesca Palombini, Marco Tiloca, Rikard Höglund Reference [RFC9594] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action With Expert Review 256 to 65535 Specification Required greater than 65535 Expert Review Value Name Description Reference Reserved for Private Use less than -65536 [RFC9594] 0 Point-to-Point The KDC individually targets each node to rekey, using the pairwise secure communication [RFC9594] association with that node ACE Token Revocation List Parameters Expert(s) Marco Tiloca Reference [RFC9770] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action With Expert Review 256 to 65535 Specification Required greater than 65535 Expert Review Name CBOR Key CBOR Type Reference Reserved for Private Use less than -65536 [RFC9770] Unassigned -65536..-1 full_set 0 array [RFC9770] diff_set 1 array [RFC9770] cursor 2 Null or unsigned integer [RFC9770] more 3 True or False [RFC9770] ACE Token Revocation List Errors Expert(s) Marco Tiloca Reference [RFC9770] Available Formats [IMG] CSV Range Registration Procedures less than -65536 Private Use -65536 to -257 Specification Required -256 to 255 Standards Action With Expert Review 256 to 65535 Specification Required greater than 65535 Expert Review Value Description Reference less than -65536 Reserved for Private Use [RFC9770] -65536..-1 Unassigned 0 Invalid parameter value [RFC9770] 1 Invalid set of parameters [RFC9770] 2 Out of bound cursor value [RFC9770] Group OSCORE Roles Expert(s) Unassigned Reference [RFC-ietf-ace-key-groupcomm-oscore-21] Available Formats [IMG] CSV Range Registration Procedures 0-65535 Expert Review greater than 65535 Private Use Value Name Description Reference 0 Reserved This value is reserved [RFC-ietf-ace-key-groupcomm-oscore-21] 1 Requester Send protected requests; receive protected responses [RFC-ietf-ace-key-groupcomm-oscore-21] 2 Responder Send protected responses; receive protected requests [RFC-ietf-ace-key-groupcomm-oscore-21] 3 Monitor Receive protected requests; never send protected messages [RFC-ietf-ace-key-groupcomm-oscore-21] 4 Verifier Verify signature of intercepted messages protected with the [RFC-ietf-ace-key-groupcomm-oscore-21] group mode 5-65535 Unassigned Unassigned greater than 65535 Reserved for Private Use Reserved for Private Use [RFC-ietf-ace-key-groupcomm-oscore-21] Licensing Terms