Are there any plans to support Dynamic Client Registration (RFC 7591/7592)?

[maliming]

Confirm you've already contributed to this project or that you sponsor it

• [x] I confirm I'm a sponsor or a contributor

Version

7.2.0

Question

I want to ask if there are any plans.

Thanks.

[kevinchalet]

Hey @maliming,

Backported from OIDC, "dynreg" isn't really a recent thing but in practice, very few services offer it due to the fact it's generally regarded as a massive security risk (specially if the registration step doesn't require an initial access token). As such, the demand for dynamic client registration and dynamic client registration management support in OpenIddict has been - so far - pretty much non-existent 😄

In https://github.com/abpframework/abp/issues/24193, @itw-DheerG said he was interested in seeing this feature supported to be used with MCP but it's worth noting that dynreg is NOT the recommended approach to "register" a new client application:

For MCP, OAuth Client ID Metadata Document is the recommended approach, but it's still a WIP (the first draft shipped in October: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-client-id-metadata-document-00).

If dynreg is important to have in ABP, I'm happy to add it, but we need to make sure there's a real use case for that before implementing such a niche feature 😃

More info here: https://modelcontextprotocol.io/specification/2025-11-25/basic/authorization

[thoraj]

Will you consider making the changes to support CIMD?

We are currently using Duende IdentityServer, community edition, and must soon upgrade to a paid tier. Depending on what kind of support and licensing they will offer for CIMD (and MCP supporting scenarios), we will also consider contributing and/or sponsoring OpenIdDict as an alternative.

[hikalkan]

Thanks @kevinchalet for your answer. I closed the related ABP issue: https://github.com/abpframework/abp/issues/24193#issuecomment-3640882766