Deploying Dynamic Client Registration at Scale

Dynamic Client Registration defined by both OAuth2 and OpenID Connect provide significant security advantages over the default client identification model introduced with OAuth2. Some of these include a viable client instance deny-list mechanism, increasing trust for public clients, and "sender-constraining" tokens. This talk will cover the advantages of deploying Dynamic Client Registration (especially for mobile applications) as well as the challenges and lessons learned in the deployment.