see 2021
Session / Deployment & Leading Practices

Deploying Dynamic Client Registration at Scale

Wednesday, June 23
11:00am - 11:25am MDT

Dynamic Client Registration defined by both OAuth2 and OpenID Connect provide significant security advantages over the default client identification model introduced with OAuth2. Some of these include a viable client instance deny-list mechanism, increasing trust for public clients, and "sender-constraining" tokens. This talk will cover the advantages of deploying Dynamic Client Registration (especially for mobile applications) as well as the challenges and lessons learned in the deployment.