[Openid-specs-ab] Issue #1642: issuance initiation request options (openid/connect)
josephheenan
issues-reply at bitbucket.org
Wed Sep 21 10:44:08 UTC 2022
New issue 1642: issuance initiation request options
https://bitbucket.org/openid/connect/issues/1642/issuance-initiation-request-options
Joseph Heenan:
The spec says:
> The Issuer sends the request as a HTTP GET request or a HTTP redirect to the Issuance Initiation Endpoint URL defined in [Section 11.1](https://openid.bitbucket.io/connect/openid-4-verifiable-credential-issuance-1_0.html#client-metadata).[¶](https://openid.bitbucket.io/connect/openid-4-verifiable-credential-issuance-1_0.html#section-6.1-1)
I can’t figure out what this means. I think the “or a HTTP redirect” means “send the user’s browser to the issuance url with the parameters in the url query”. I’m not sure what the other option \(the first part of the ‘or’, “sends the request as a HTTP GET request”\) is, as 6.2 seems to make it pretty clear the request is done interactively in the user’s browser with the resulting html expected to be displayed by the browser.
It might make sense to use similar language to that used in RFC6749 for the authorization endpoint, e.g.:
> The Issuer directs the resource owner to the constructed URI using an
> HTTP redirection response, or by other means available to it via the
> user-agent.
More information about the Openid-specs-ab
mailing list