diff --git a/Cisco.org.tmp9v5uH2.org b/Cisco.org.tmp9v5uH2.org
new file mode 100644
index 00000000..65bcba35
--- /dev/null
+++ b/Cisco.org.tmp9v5uH2.org
@@ -0,0 +1,33 @@
+# Created 2021-07-16 Fri 15:51
+#+TITLE: Cisco Notes #+Author: Yann Esposito
+#+AUTHOR: Yann Esposito
+* Device Flow [2021-07-16 Fri]
+
+** Implications for IROH/SecureX/CTR
+
+OAuth2 is about linking two accounts of the same person between two
+different services.
+
+In the OAuth2 RFC only 4 *Grants* are described:
+
+- Authorization Code*
+- Implicit (we explicitly removed the support in IROH-Auth)
+- Resource Owner Password Credentials
+- Client Credential*
+
+With these we handle:
+
+- scripts
+- websites with a backend
+
+** Native Applications & SPA (PKCE)
+
+An additional RFC exists to improve the support of Native Applications and
+Single Page Applications.
+
+It was easily introduced a few years back for SSE.
+
+** Device Grant
+
+- *All on-premise devices*
+- *All devices without input access or browser access*.