You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The draft only covers the case where credentials are issued to humans.
It would not take "much" to extend the possibilities of issuance to other identities, such as device identities.
I would like to collect some opinions on whether this is out of scope or could be addressed by this draft.
Main necessary changes:
Relax the notion of the User to a more generic term like Subject
Relax the authorization mechanism requirements to allow for other mechanisms ensuring the subject's consent.
An example: For devices registered as clients to the OP, a possibility would be to use the plain OAuth client_credentials flow with an appropriate authentication mechanism, such as JWT Bearers.
Do not require user interaction during dynamic input credential presentation.
This could be achieved for example via changes in OIDC4VP, or
The draft only covers the case where credentials are issued to humans.
It would not take "much" to extend the possibilities of issuance to other identities, such as device identities.
I would like to collect some opinions on whether this is out of scope or could be addressed by this draft.
Main necessary changes:
client_credentialsflow with an appropriate authentication mechanism, such as JWT Bearers.dynamicinput credential presentation.The text was updated successfully, but these errors were encountered: