DPoP

RU: DPoP

Demonstrating Proof of Possession (RFC 9449): an OAuth 2.0 mechanism that sender-constrains access tokens by requiring the client to attach a short-lived, signed JWT (the DPoP proof) to each request, binding the token to a client-held private key. A stolen token is useless without the matching key.