You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Dynamic credential request is for situations when an issuer requires verifications from the holder, before issuing the credential.
Here the issuer has alternating roles: issuer -> verifier -> issuer.
The verifier can specify direct_post as a way to receive the authorisation response containing the presentation submission. As per the OpenID4VP spec Section 6.2, it says the response endpoint after successfully processing the request must respond with 200 response. It may optionally contain a redirect_uri. If a redirect_uri is present, the wallet must redirect the user agent to that URI.
In the case of dynamic credential request, is it correct to understand the following:
Upon receiving the authorisation response, the verifier seizes being a verifier, therefore doesn't have to send a 200 response with/without redirect_uri and becomes an issuer and continues with the issuer flow of returning an authorisation response with 302 redirects containing code in query params
Is this the correct interpretation?
The text was updated successfully, but these errors were encountered:
This is regarding the implementation of the Section 5.1.5 Dynamic Credential Request. I am unsure if I should raise this question here or in OpenID4VP.
Dynamic credential request is for situations when an issuer requires verifications from the holder, before issuing the credential.
Here the issuer has alternating roles: issuer -> verifier -> issuer.
The verifier can specify
direct_post
as a way to receive the authorisation response containing the presentation submission. As per the OpenID4VP spec Section 6.2, it says the response endpoint after successfully processing the request must respond with 200 response. It may optionally contain aredirect_uri
. If aredirect_uri
is present, the wallet must redirect the user agent to that URI.In the case of dynamic credential request, is it correct to understand the following:
Upon receiving the authorisation response, the verifier seizes being a verifier, therefore doesn't have to send a 200 response with/without
redirect_uri
and becomes an issuer and continues with the issuer flow of returning an authorisation response with 302 redirects containing code in query paramsIs this the correct interpretation?
The text was updated successfully, but these errors were encountered: