OpenID4VCI: add authorization_details token response parameter
Issue #1587
resolved
Section 7 of draft-ietf-oauth-rar requires:
In addition to the token response parameters as defined in [RFC6749], the authorization server MUST also return the authorization details as granted by the resource owner and assigned to the respective access token.
At least the example in Section 8.2 should therefore include the authorization_details response parameter.
Comments (4)
-
-
- changed component to Credential Issuance
-
do we need an example? Can it be sufficient to add a clarifying text in this regard?
-
- changed status to resolved
Migrated to GitHub
- Log in to comment
Is this requirement linked to get a proof of which aspects have been allowed in the response, considering that an issuer may consider some of these and ignore/reject a part or all of these?