Based on my reading, I don't believe it is. Client Certificate authentication describes a flow where the client presents a certificate in lieu of a client secret.
My understanding is that RClone uses a client [secret](https:// rcloneEncryptedClientSecret = "_JUdzh3LnKNqSPcf4Wu5fgMFIQOI8glZu_akYgR8yf6egowNBg-R") Which begs a few questions.
If RClone currently implements the Authorization Code Flow, why does it need a client secret? Previous discussion indicated that it's used to refresh the token. Is there a ticket to have rclone generate a client assertion using a certificate, rather than presenting a client secret? Alternatively, is there a ticket for RClone to use refresh tokens, if it doesn't already?