1. OpenID Foundation Avatar OpenID Foundation
  2. WGs
  3. connect
  4. Issues

OP Metadata Basic Information

Issue #1600 closed
Thomas Bellebaum created an issue

OpenID4VCI defines new OP Metadata to convey a display name (in multiple languages) for the issuer. This mechanism may be of independent interest to retrieve information about an OAuth 2.0 Authorization Server or an OpenID Provider.

There are also some other values which one might like to include here. Ideas:

  • A logo for the OP
  • A preferred “Login with X” graphic
  • A link to the identity provider’s homepage

Note the similarity of some of these to the client metadata values logo_uri or client_uri. In fact, some values like policy_uri already have analogues in the server metadata (op_policy_uri).

Comments (7)

  1. Kristina Yasuda

    Could you please clarify, are you asking to add additional parameters to OP metadata?

    • A logo for the OP → already exists
    • A preferred “Login with X” graphic → why would this be displayed in the wallet? at Authorization Endpoint? that screen is usually controlled by the Issuer.
    • A link to the identity provider’s homepage → what would be the flow/use-case?

    also where did you see policy_uri?

  2. Thomas Bellebaum reporter

    Yes, I am proposing to add parameters to the OP metadata not just for the SSI use cases, but for any OPs. Something similar already exists for RPs in the client registration metadata ([about policy_uri](https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#client-metadata)) to display information about a client to a user e.g. during the authorization code flow. The RP wanting to utilize an OP may similarly want to display information about the OP to the user before starting such a flow.

    About the logo: Do you have a reference for me? I was unable to find anything in https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#authorization-server-metadata

  4. Kristina Yasuda

    Any standard OAuth parameter, including policy_uri can be used with OpenID4VCI which is OAuth based

    VCI defined OP metadata, including logo_uri in this section: https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-server-metadata and it already states This section extends the server metadata [RFC8414]. we can add these parameters to IANA later, but currently these parameters are defined in VCI so will not find them in IANA.

    hope this answers the issue

  8. Log in to comment
Assignee
Type
proposal
Priority
minor
Status
closed
Component
Credential Issuance
Milestone
Version
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!