The OAuth 2.0 authorization framework [RFC6749] defines the parameter "scope" that allows OAuth clients to specify the requested scope, i.e., the permission, of an access token. This mechanism is sufficient to implement static scenarios and coarse-grained authorization requests, such as "give me read access to the resource owner's profile" but it is not sufficient to specify fine-grained authorization requirements, such as "please let me make a payment with the amount of 45 Euros" or "please give me read access to folder A and write access to file X".
This session is about Rich Authorization Requests (RAR), a new OAuth draft allowing clients to specify their fine-grained authorization requirements using the expressiveness of JSON data structures.
https://tools.ietf.org/html/draft-ietf-oauth-rar-01