All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Client ID Metadata Documents (CIMD): OAuth Client Identification Using URLs

By

mooreds

6mo ago· 3 min readen
Bagel score 80 of 100
80/100
Golden Brown
Bagelometer

Hand-rolled, kettle-boiled, baked to perfection. Worth every minute at the bakery.

Score80Typehow-toSentimentpositive

Summary

Client ID Metadata Documents (CIMD) is a new OAuth approach that allows clients to identify themselves using URLs instead of requiring pre-registration. Clients host a JSON metadata document at an HTTPS URL and use that URL as their client_id, eliminating the need for manual registration with authorization servers. This reduces friction, supports dynamic ecosystems like MCP (Model Context Protocol), and solves interoperability issues in OAuth implementations.

Key quotes

· 4 pulled
Client ID Metadata Documents (CIMD) let OAuth clients identify themselves using a URL. No preregistration necessary.
CIMD reduces friction, supports dynamic ecosystems like MCP, and eliminates interoperability headaches.
Instead of a pre-registered client ID, the client uses the URL where their metadata is hosted as their client_id.
The client creates a JSON document with their metadata and hosts it at an HTTPS URL.
Snippet from the RSS feed
Learn about Client ID Metadata Documents (CIMD) - a new OAuth approach that lets clients identify themselves using URLs instead of preregistration. Presented by Stytch.

You might also wanna read

Technical Insights from Building Passkeybot: Lessons on Passkey Implementation and WebAuthn

The article shares insights from building passkeybot.com, a hosted sign-in page that enables passkey authentication for websites. It explain

enzom.dev·5mo ago

WebSparks: An AI-Powered Tool for Building Web Applications Without Extensive Coding

WebSparks is an AI-powered software engineer that transforms ideas into fully functional web applications without requiring extensive coding

innovirtuoso.com·23h ago

Joost de Valk publishes open Website Specification: 128 rules for modern, future-proof websites

Joost de Valk, creator of Yoast SEO, published the Website Specification (specification.website) — an open, platform-agnostic reference docu

ppc.land·1d ago

ZX Spectrum BASIC interpreter rebuilt from scratch to run natively in web browsers

A developer has rebuilt the ZX Spectrum's BASIC interpreter from scratch to run in a web browser, without emulating the original Z80 hardwar

boingboing.net·1d ago

How to Set Up an Apache Reverse Proxy for an Ecommerce Website

This article provides a comprehensive, start-to-finish guide on setting up an Apache reverse proxy specifically for ecommerce websites. It c

blog.radwebhosting.com·2d ago

Implementing live text search in React with Firestore Enterprise's built-in search pipeline

Firebase's Firestore Enterprise edition now includes built-in text search support. This article demonstrates how to implement live text sear

firebase.blog·2d ago