Hi everyone,

Please take a look at https://github.com/uma-email/poc#protected-dynamic-client-registration.

This may solve the single page applications and native applications problem with client secrets. I mean, the client is public with respect to the IdP, and at the same time – after dynamic registration – confidential with respect to the AS.