Client ID Metadata Documents (CIMD): OAuth Client Identification Using URLs
Learn about Client ID Metadata Documents (CIMD) - a new OAuth approach that lets clients identify themselves using URLs instead of preregistration. Presented by Stytch.
Read the full articleYou might also wanna read
Auth.md: An Open Protocol for AI Agent Registration and Authentication
auth.md standardizes how AI agents register with apps, discover supported flows, request scopes, and receive secure user-scoped credentials.
MCP Authentication & OAuth 2.1: Authorization Flows, Token Management, and Enterprise Security Patterns
A comprehensive guide to MCP authentication and authorization — covering the OAuth 2.1 spec evolution (March→June→November 2025), Protected
MCP Authorization and OAuth 2.1: How AI Agents Authenticate with Remote Servers
A practical guide to MCP's OAuth 2.1 authorization spec — covering PKCE, Protected Resource Metadata, Resource Indicators, Dynamic Client Re
Fake OAuth client IDs are helping attackers slip past sign-in logs
Attackers running account enumeration against Microsoft cloud tenants have added a step that keeps their probing out of the usual telemetry.
OAuth client ID spoofing silently validates stolen Microsoft Entra ID credentials
At least two threat actors have weaponized a novel evasion technique called OAuth client ID spoofing in multiple cloud campaigns. The post O
Call for Participation: Demonstrate MCP-based AI agent security with open identity standards
Prove that MCP clients, gateways, and servers from different vendors can secure AI agents together — within and across enterprises. The Open

Comments
Sign in to join the conversation.
No comments yet. Be the first.