OpenID4VCI icon indicating copy to clipboard operation
OpenID4VCI copied to clipboard

Published 20 hours ago verified publisher icon openid

Authorization Details claims

Open c2bo opened this issue 1 year ago • 8 comments

The Appendix introduces specific claims for Authorization Details for mdoc and sd-jwt vc type credentials. For both of them a new claim claims is introduced as

claims: OPTIONAL. Object as defined in Appendix A.3.2 excluding the display and value_type parameters. mandatory parameter here is used by the Wallet to indicate to the Issuer that it only accepts Credential(s) issued with those claim(s).

I was wondering if this should be extended to also allow expected values inside the claim. This would allow the Wallet to signal expected claims which might help for cases where there are several options of the same type of credential to be issued.

A good example would be a bank where one user might be the owner of different bank accounts within that one bank and would like to get a credential for a specific one. This way authorization_details could be leveraged to signal the expected one.

We could introduce a new optional claim expected_value like this:

[
    {
        "type": "openid_credential",
        "format": "vc+sd-jwt",
        "vct": "SD_JWT_VC_example_in_OpenID4VCI",
        "claims": {
            "given_name": {
                "expected_value": "SomeName"
            }
        }
    }
]

c2bo avatar Feb 11 '24 18:02 c2bo