- changed status to new
underspecified language around presentation_definition and presentation_definition_uri in an authorization request
Chapter 5 in openid4vp ID-2 describes the use of presentation_definition and presentation_definition_uri in an authorization request. The current description does not exclude presentation_definition and presentation_definition_uri to BOTH be present in an authorization request, similar to what is described in RFC 9101 w.r.t. request and request_uri.
Neither does the current text describe how an mdoc should behave when both presentation_definition and presentation_definition_uri are present.
Comments (5)
-
-
the spec text does exclude presentation_definition and presentation_definition_uri to BOTH be present in an authorization request:
presentation_definition
:A string containing a Presentation Definition JSON object. See Section 5.1 for more details. This parameter MUST be present when
presentation_definition_uri
parameter, or ascope
value representing a Presentation Definition is not present.presentation_definition_uri
:A string containing an HTTPS URL pointing to a resource where a Presentation Definition JSON object can be retrieved. This parameter MUST be present when
presentation_definition
parameter, or ascope
value representing a Presentation Definition is not present. See Section 5.2 for more details.hope this answers your question.
-
reporter in my opinion this text states that presentation_definition and presentation_definition_uri can not BOTH be ABSENT, but does not exclude them from both being present.
-
There is an error defined if more than one is present
https://openid.net/specs/openid-4-verifiable-presentations-1_0.html#section-6.4-5.1
-
reporter - changed status to resolved
Thanks
- Log in to comment