It's exactly the tokenizer, but we shoplifted the idea too; it belongs to the world!
(The credential thing I'm actually proud of is non-exfiltratable machine-bound Macaroons).
Remember that the security promises of this scheme depend on tight control over not only what hosts you'll send requests to, but what parts of the requests themselves.
How does this work with more complex authentication schemes, like AWS?
Did the machine-bound Macaroons ever get written up publicly or is that proprietary?
Like the Tokenizer, I think they're open source.
https://fly.io/blog/operationalizing-macaroons/