Have you ever wondered how secure your tokens are when they are transmitted from a client to a server? As our digital footprints expand, the need for more stringent security measures in web applications and APIs has never been greater. In the wake of a recent GitHub security breach affecting dozens of organisations, the question of token security has once again been thrust into the spotlight. Recently, a group of hackers used stolen OAuth access tokens to gain unauthorised access to numerous organisations' internal systems, causing considerable disruption and raising serious concerns over how we protect our digital identities. This incident serves as a stark reminder of the importance of implementing robust security measures, especially when it comes to OAuth tokens. Today, we are excited to announce support for the OAuth 2.0 Demonstrating Proof-of-possession at the Application Layer (DPoP), a significant approach for bolstering security and mitigating risks associated.