@misc{rfc8252,
    series =    {Request for Comments},
    number =    8252,
    howpublished =  {RFC 8252},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC8252},
    url =       {https://www.rfc-editor.org/info/rfc8252},
    author =    {William Denniss and John Bradley},
    title =     {{OAuth 2.0 for Native Apps}},
    pagetotal = 21,
    year =      2017,
    month =     oct,
    abstract =  {OAuth 2.0 authorization requests from native apps should only be made through external user-agents, primarily the user's browser. This specification details the security and usability reasons why this is the case and how native apps and authorization servers can implement this best practice.},
}