Redundant note in token response (section 6.2) #362
Labels
Comments
|
I understand that it might sound redundant, but we actually added this note, because implementer asked for this clarification, and I am inclined to keep it..? cc @paulbastian |
|
I would favour to keep it, the fact that scopes and authorisation_details are different flows seems not obvious to newcomers, at the same time credential_identifiers is a particular feature that enables certain things that scopes are not able to do. |
|
will close in a week, unless strong objections |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Spec reference: https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#section-6.2
In the successful token response scenario, if you use
scopein the authorization request (5.1.2 scenario), the token response will not contain the authorization details or the credential identifiers.In this scenario, the note "Credential Instance identifier(s) cannot be used when the scope parameter is used in the Authorization Request to request issuance of a Credential" is misleading and unnecessary. Perhaps it should be mentioned only in the credential request chapter.
The text was updated successfully, but these errors were encountered: