Dynamic wallet/client metadata negotiation
Issue #2057
resolved
Hi. I have a question wrt dynamic wallet-client metadata negotiation.
Most OID4VP flows will use the request_uri approach where the request object is fetched from the server.
In a basic authorisation request, Verifier presents its metadata (as value or as reference via client_metadata). Wallet could send its metadata to the request_uri endpoint and the server could generate a request that matches the Wallet requirements. Of course it is the server who defines the minimal requirements (wallet should not be able to downgrade the config from a security point of view)
Minimal assumption by the server would be the wallet authorisation endpoint.
Comments (2)
-
reporter
-
- changed status to resolved
Closing, per Alen's comment.
- Log in to comment
- Assignee
- –
- Type
- Priority
- Status
- resolved
- Component
- Verifiable Presentation
- Milestone
- –
- Version
- –
- Votes
- 0
- Watchers
- 1
Addressed in https://bitbucket.org/openid/connect/issues/1401/advanced-cross-device-flow-for-siop. Issue can be closed.