Standard
DPoP
Demonstrating Proof of Possession (RFC 9449). Binds an access token to a specific key held by the client, so a stolen bearer token cannot be replayed. Important for high-assurance APIs that cannot rely on mTLS.
Demonstrating Proof of Possession (RFC 9449). Binds an access token to a specific key held by the client, so a stolen bearer token cannot be replayed. Important for high-assurance APIs that cannot rely on mTLS.