OAuth 2.0 Pushed Authorization Requests

RFC 9126: OAuth 2.0 Pushed Authorization Requests

datatracker.ietf.org/doc/html/rfc9126

The Pushed Authorization Requests extension describes a technique of initiating an OAuth flow from the backchannel instead of by building a URL, providing better security and more flexibility for building complex authorization requests.

More resources

Illustrated PAR: OAuth 2.0 Pushed Authorization Requests (Takahiko Kawasaki)