OpenID Connect (OIDC) with OAuth allows applications to authenticate users using third-party identity providers (IdPs). If dynamic registration is enabled, attackers can abuse this feature to capture and replay authentication requests. Replay attack (Option C): Attackers capture legitimate authentication tokens and reuse them to impersonate users. OIDC uses JWTs (JSON Web Tokens), which may not expire quickly, making replay attacks highly effective. #attack