OpenID4VP icon indicating copy to clipboard operation
OpenID4VP copied to clipboard
verified publisher icon openid

Use of client_id

Open 101Coder101 opened this issue 7 months ago • 1 comments

Although being a non-normative overview, section "3.2. Cross Device Flow" mentions that the actual Authorization Request contains just a Request URI according to RFC 9101. This appears misleading, as RFC 9101 mentions the mandatory presence of the client_id. Furthermore, does this client_id then need to adhere to section "5.9. Client Identifier Prefix and Verifier Metadata Management"? One could interpret this both ways since this client_id is specified in a different specification while not explicitly being targeted in OID4VP.

101Coder101 avatar May 13 '25 21:05 101Coder101

9101

The diagram is not supposed to show all options in the spec and it probably is a high-level view of the important information exchanged between the verifier and the wallet. Note that the client_id will be included in the request object.

From the spec:

Note: The diagram does not illustrate all the optional features of this specification.

Perhaps we can update the note as follows:

Note: The diagram does not illustrate all parameters and optional features of this specification.

awoie avatar May 20 '25 16:05 awoie