In it's essence there's no difference, service must generate some key, client must use key to send messages. In this case instead of an in-house service, the trusted source might be a third-party, which the server also uses for verification. There's nothing redundant there. Client is still not trusted.