sender-constrained tokens

RU: sender-constrained токены

A property of an access token that cryptographically binds it to the client that requested it, requiring that client to prove possession of a secret on every use. A stolen sender-constrained token is unusable without the bound key. DPoP and mTLS are the two standard mechanisms.