[Openid-specs-ab] Issue #1470: SIOP response with vp_token only? (openid/connect)
tlodderstedt
issues-reply at bitbucket.org
Wed Mar 30 16:49:11 UTC 2022
New issue 1470: SIOP response with vp_token only?
https://bitbucket.org/openid/connect/issues/1470/siop-response-with-vp_token-only
Torsten Lodderstedt:
A question that comes up frequently in conversions about SIOP and OIDC4VPs is: “Why do I need sub value and id token if all I want is a VP?“. I think there are use cases where a VP alone is sufficient, e.g. a verifier wants to check a diploma or a certain authorisation represented by a verifiable credential. In those cases, there is no need to establish a sub value for the user.
From a protocol perspective, we could modify SIOP \+OIDC4VPs so it would allow a RP to request a sub/id token or a vp token or a combination of id and vp token.
What does the WG think?
More information about the Openid-specs-ab
mailing list