[Openid-specs-ab] Issue #1550: Clarification of simplified verification flow required (openid/connect)
David Chadwick
issues-reply at bitbucket.org
Wed Jul 13 13:07:29 UTC 2022
New issue 1550: Clarification of simplified verification flow required
https://bitbucket.org/openid/connect/issues/1550/clarification-of-simplified-verification
David Chadwick:
The current openid-4-verifiable-presentations-1\_0.md specification says that the RP can send an authorization request to the wallet’s authorisation endpoint to request only a vp\_token. An example request is given
```
GET /authorize?
response_type=vp_token
&client_id=https%3A%2F%2Fclient.example.org%2Fcb
&redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb
&presentation_definition=...
&nonce=n-0S6_WzA2Mj HTTP/1.1
```
However no corresponding simplified result is given. In particular, is it correct to assume that no access\_token needs to be returned with the vp\_token? So is the following the simplest result one could expect?
\{
"vp\_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRpZDpleGFtcGxlOjB4YWJjI2tleTEifQ.eV05xQXhmdDdFVDZsa0gtNFM2VXgzclNHQW1jek1vaEVFZjhlQ2VOLWpDOFdla2RQbDZ6S1pRa.ft\_Eq4IniBrr7gtzRfrYj8Vy1aPXuFZU - 6\_ ai0wvaKcsrzI4JkQEKTvbJwdvIeuGuTqy7ipO",
"presentation\_submission": \{
"id": "Selective disclosure example presentation",
"definition\_id": "Selective disclosure example",
"descriptor\_map": \[\{
"id": "ID Card with constraints",
"format": "jwt\_vp",
"path": "$",
"path\_nested": \{
"format": "jwt\_vc",
"path": "$.verifiableCredential\[0\]"
\}
\}\]
\}
\}
If so, can we add such an example?
One final point. Could we please include the JSON examples inline in the .md file rather than as references to examples in the examples directory as this makes it far more difficult to see if the examples are correct. \(You have to find the right directory inside the examples directory and then the right file in the right directory\).
More information about the Openid-specs-ab
mailing list