I support adoption of this draft as a WG document. We have working implementations of this at Keycard - both clients publishing the metadata as well as other entities retrieving it. It is proving quite useful on a number of dimensions - in particular reducing the proliferation of client secrets. If any other implementers are looking to prototype integrations, feel free to contact me. Looking forward to finalizing this specification!
Jared Hanson Co-Founder [email protected] | 510-984-2480 www <https://www.keycard.ai> | linkedin <https://www.linkedin.com/in/jaredhanson> | github <https://github.com/jaredhanson> On Mon, Sep 22, 2025 at 12:14 PM Rifaat Shekh-Yusef via Datatracker < [email protected]> wrote: > > Subject: Call for adoption: > draft-parecki-oauth-client-id-metadata-document-03 (Ends 2025-10-06) > > This message starts a 2-week Call for Adoption for this document. > > Abstract: > This specification defines a mechanism through which an OAuth client > can identify itself to authorization servers, without prior dynamic > client registration or other existing registration. This is through > the usage of a URL as a client_id in an OAuth flow, where the URL > refers to a document containing the necessary client metadata, > enabling the authorization server to fetch the metadata about the > client as needed. > > File can be retrieved from: > > https://datatracker.ietf.org/doc/draft-parecki-oauth-client-id-metadata-document/ > > Please reply to this message keeping [email protected] in copy by indicating > whether you support or not the adoption of this draft as a WG document. > Comments to motivate your preference are highly appreciated. > > Authors, and WG participants in general, are reminded of the Intellectual > Property Rights (IPR) disclosure obligations described in BCP 79 [2]. > Appropriate IPR disclosures required for full conformance with the > provisions > of BCP 78 [1] and BCP 79 [2] must be filed, if you are aware of any. > Sanctions available for application to violators of IETF IPR Policy can be > found at [3]. > > Thank you. > [1] https://datatracker.ietf.org/doc/bcp78/ > [2] https://datatracker.ietf.org/doc/bcp79/ > [3] https://datatracker.ietf.org/doc/rfc6701/ > > > > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
