From 2e4e9a3f5d6362e6ecaafc99001eb73af847055b Mon Sep 17 00:00:00 2001
From: rishidev <rishidev@users.noreply.github.com>
Date: Sat, 11 Jan 2020 15:17:18 +0000
Subject: [PATCH] Use Data Security WS recommended AAI text

---
 docs/asciidoc/front_matter.adoc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/asciidoc/front_matter.adoc b/docs/asciidoc/front_matter.adoc
index 5c4dd2101..79d3c7c4e 100644
--- a/docs/asciidoc/front_matter.adoc
+++ b/docs/asciidoc/front_matter.adoc
@@ -41,7 +41,9 @@ The DRS API specification is written in OpenAPI and embodies a RESTful service p
 
 === Making DRS Requests
 
-The DRS implementation is responsible for defining and enforcing an authorization policy that determines which users are allowed to make which requests. GA4GH recommends that DRS implementations use an OAuth 2.0 https://oauth.net/2/bearer-tokens/[bearer token], although they can choose other mechanisms if appropriate. 
+The DRS implementation is responsible for defining and enforcing an authorization policy that determines which users are allowed to make which requests. 
+
+GA4GH recommends the use of the OAuth 2.0 framework ([RFC 6749](https://tools.ietf.org/html/rfc6749)) for authentication and authorization. It is also recommended that implementations of this standard implement and follow the [GA4GH Authentication and Authorization Infrastructure (AAI) standard](https://w3id.org/ga4gh/product-approval-support/aai).
 
 === Fetching DRS Objects