OAuth 2.0 Message Authentication Code (MAC) Tokens

This specification describes how to use MAC Tokens in HTTP requests to access OAuth 2.0 protected resources. An OAuth client willing to access a protected resource needs to demonstrate possession of a cryptographic key by using it with a keyed message digest function to the request. The document also defines a key distribution protocol for obtaining a fresh session key.