Bearer tokens are the norm in modern identity flows; however they are vulnerable to being stolen from token caches.Proof-of-Possession (PoP) tokens, as described by RFC 7800, mitigate this threat. PoP tokens are bound to the client machine, via a public/private PoP key. The PoP public ...