RFC 8705: Mutual TLS Client Authentication and Certificate-Bound Access Tokens (MTLS)

tools.ietf.org/html/rfc8705

MTLS is a form of client authentication and an extension of OAuth 2.0 that provides a mechanism of binding access tokens to a client certificate. It is one of many attempts at improving the security of Bearer Tokens by requiring the application using the token to authenticate itself.

See Also:

• Client Authentication
• RFC 9449: DPoP
• Draft: HTTP Signatures
• Private Key JWT