From 7c2a9d7df2e0960f8643b90a5f2bd487e2565fa2 Mon Sep 17 00:00:00 2001
From: Atul Tulshibagwale <atultulshi@gmail.com>
Date: Tue, 6 Aug 2024 08:33:38 -0700
Subject: [PATCH] added links to TraTs spec

---
 content/docs/quickstart/_index.md        | 2 ++
 content/docs/transaction-token/_index.md | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/content/docs/quickstart/_index.md b/content/docs/quickstart/_index.md
index 4db75a1..938b69b 100644
--- a/content/docs/quickstart/_index.md
+++ b/content/docs/quickstart/_index.md
@@ -6,6 +6,8 @@ toc: true
 
 Welcome to the Tratteria quickstart guide. This tutorial will guide you through setting up the sample application and observing Tratteria in action.
 
+Tratteria is an open source implementation of the [IETF OAuth Transaction Tokens (TraTs) draft specification](https://datatracker.ietf.org/doc/draft-ietf-oauth-transaction-tokens/).
+
 ## Deployment
 
 Follow the instructions in the [README](https://github.com/tratteria/example-application/blob/main/README.md) of the example application to deploy the application.
diff --git a/content/docs/transaction-token/_index.md b/content/docs/transaction-token/_index.md
index bd52b41..6bb2185 100644
--- a/content/docs/transaction-token/_index.md
+++ b/content/docs/transaction-token/_index.md
@@ -5,6 +5,7 @@ toc: true
 ---
 
 ## Background
+Transaction Tokens (TraTs) are described in a draft specification from the IETF OAuth working group. See here: [Transaction Tokens](https://datatracker.ietf.org/doc/draft-ietf-oauth-transaction-tokens/). This document describes the background and need for Transaction Tokens.
 
 ### Microservices
 
@@ -39,7 +40,7 @@ To address these vulnerabilities, TraTs represent an evolution from traditional
 
 ### Transaction Tokens (TraTs)
 
-TraTs are short-lived, cryptographically signed JSON Web Tokens that immutably preserve the user identity and authorization context of an external API invocation. They ensure that the user identity and authorization details of an external request, such as an API call, are maintained across all involved services within a microservices application. Additionally, TraTs enable these services to assert their involvement in the transaction chain to downstream workloads.
+TraTs are short-lived, cryptographically signed JSON Web Tokens (JWTs) that immutably preserve the user identity and authorization context of an external API invocation. They ensure that the user identity and authorization details of an external request, such as an API call, are maintained across all involved services within a microservices application. Additionally, TraTs enable these services to assert their involvement in the transaction chain to downstream workloads.
 
 ### Benefits of TraTs