I've been enjoying modern machine-to-machine flows. Trading trusted URLs for client ids is a really secure model. Especially if you go the extra mile with role based machine auth to cloud key stores. You can do the entire thing without a single secret string. I'd much rather prove I can control a URL than ensure a piece of information never leaks out.
Not specifically but it's the same idea. CIMD is perhaps one step too far for the cases I've worked with. We seem to prefer an out-of-band process for establishing trust. Two CTOs exchanging FQDNs at lunch is a fairly robust model.
I've been enjoying modern machine-to-machine flows. Trading trusted URLs for client ids is a really secure model. Especially if you go the extra mile with role based machine auth to cloud key stores. You can do the entire thing without a single secret string. I'd much rather prove I can control a URL than ensure a piece of information never leaks out.
Are you talking about CIMD?
Not specifically but it's the same idea. CIMD is perhaps one step too far for the cases I've worked with. We seem to prefer an out-of-band process for establishing trust. Two CTOs exchanging FQDNs at lunch is a fairly robust model.