[Openid-specs-ab] Issue #1545: OpenID for VCI, consider client credentials grant (openid/connect)
nikosft
issues-reply at bitbucket.org
Thu Jul 7 10:14:37 UTC 2022
New issue 1545: OpenID for VCI, consider client credentials grant
https://bitbucket.org/openid/connect/issues/1545/openid-for-vci-consider-client-credentials
Nikos Fotiou:
I believe the client credentials grant \(section 4.4 in OAuth2 RFC - [https://datatracker.ietf.org/doc/html/rfc6749#section-4.4](https://datatracker.ietf.org/doc/html/rfc6749#section-4.4) \) fits nicely with this use case: users can configure their issuer with, for example, a username and a password for their wallet and then the wallet can receive the VC. This approach has the following advantages:
* It is easier to integrate new wallets: new wallet implementations do not have to perform a "registration" process with the issuer, instead users individually are responsible for creating the "client credentials" for their wallet with the issuer.
* It is faster, since it is requires one roadtrip less, compared to the authorization code grant.
More information about the Openid-specs-ab
mailing list