[OpenID-Specs-eKYC-IDA] Issue #1236: Act as a staff, but assert director's verified claims (openid/ekyc-ida)

nfujie issues-reply at bitbucket.org
Wed Mar 10 11:28:26 UTC 2021


New issue 1236: Act as a staff, but assert director's verified claims
https://bitbucket.org/openid/ekyc-ida/issues/1236/act-as-a-staff-but-assert-directors

Naohiro Fujie:

Feedback from METI to the authority claims/regal entity.

Comment:

* It will be needed to provide verified claims of director or president as well as the delegated staff’s claims

Current use-case of METI:

* In case of a corporate staff act as the president during application process he/she will be needed to provide the president’s attribute as well as his/her attributes.
* for example, Bob login to a application system using his account which acts as a corporate director. During the process, Bob will be required to provide both his attributes and the director’s attributes, e.g, register the director’s attributes as owner of the business and register his own attribute as contact information of the application.
* Current implementation on METI, they define 2 types of claims for both corporate profile includes director/president’s attributes and user’s attributes.

Current id\_token from METI’s IdP:

```json
{
 "sub": "BSmith",
 "rep_last_nm": "Johnson",
 "rep_first_nm": "Alice",
 "user_last_nm": "Smith",
 "user_first_nm": "Bob",
 "user_post_code": "0000000",
 "user_prefecture_name": "Tokyo",
 "user_address1": "Minato-ku",
 "user_address2": "1-2-3",
 "user_department": "XX dept.",
 "user_tel_no_contact": "11111111111",
 "user_email": "bob.smith at example.co.jp"
}
```

‌

Proposal:

* add claims of director/president under authority element.

example\)

```json
{
  "sub": "BSmith",
  "email": "bobsmith at example.com",
  "verified_claims":{
    "verification":{
      "trust_framework": "entity_claims_example_framework",
      ...omit...
    },
    "claims":{
      "givenName": "Bob",
      ...omit...
      "
    },
    "authority": [ {
      "applies_to": {
        "company_name": "Example Company Limited",
        "company_number": "12351235",
        "jurisdiction": "england-wales",
        "rep_givenName": "Alice",   <-- Add claims for representative
        "rep_familyName": "Johnson"
      },
      "permission": [ {
      ...omit...
}
```

‌




More information about the Openid-specs-ekyc-ida mailing list