OAuth 2 - Dynamic Client Registration Protocol

There's really no difference between interoperability and unknown request from an unknown third party. So we've got some things built into the Dynamic Client Registration Protocol in OAuth. It sets up the environment so that all of those assumptions about which secrets are in place, which identifiers are in place before the OAuth protocol even starts. Those can all actually be put there beyond just developer. And I should probably point out that I served as the editor in the IETF for that specification.