Deployment & Leading Practices
Deploying Dynamic Client Registration at Scale
Wednesday, June 23
11:00am - 11:25am MDT
Dynamic Client Registration defined by both OAuth2 and OpenID Connect provide significant security advantages over the default client identification model introduced with OAuth2. Some of these include a viable client instance deny-list mechanism, increasing trust for public clients, and "sender-constraining" tokens. This talk will cover the advantages of deploying Dynamic Client Registration (especially for mobile applications) as well as the challenges and lessons learned in the deployment.