[Openid-specs-ab] Issue #1199: which wallet gets invoked in SIOP (openid/connect)

Kristina Yasuda issues-reply at bitbucket.org
Thu Oct 22 15:28:05 UTC 2020

New issue 1199: which wallet gets invoked in SIOP

Kristina Yasuda:

If there are several SIOP wallets on my mobile device \(or in a web browser\), which one gets invoked when SIOP request is received?

currently, SIOP wallets would register custom schema `openid://`. However, there are certain dependencies on the OS: 1/ Android allows only one wallet of user’s choice to be invoked, and 2/ iOS invokes a wallet that was the first to register a custom schema.

One idea was to have a “capability broker“, where a list of SIOP wallets and the identifier methods they support \(jwk thumb or did methods\) are registered and either user chooses which wallet to invoke or wallet appropriate to RP req automatically gets invoked. \(similar to Samsung phones allowing users to use both Samsung pay and Android pay\)

Is there a way to make this work without OS support \(ideal\), or should the conversation with OS vendors be initiated \(hard\)?

related to issue #1198 on RP starting a req to SIOP.

More information about the Openid-specs-ab mailing list