Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How does PAR work with SIOPv2? #106

Open
decentralgabe opened this issue Jun 26, 2024 · 2 comments
Open

How does PAR work with SIOPv2? #106

decentralgabe opened this issue Jun 26, 2024 · 2 comments

Comments

@decentralgabe
Copy link

Section 4.2 states:

  • MUST use Pushed Authorization Requests (PAR) [RFC9126] to send the Authorization Request.
  • Wallets MUST authenticate itself at the PAR endpoint using the same rules as defined in Section 4.3 for client authentication at the token endpoint.

Does this mean that a wallet must have a publicly-addressable endpoint to receive authorization requests?
@Sakurann
Copy link
Contributor

section 4 applies only to VCI, not VP, so PAR is only for VCI and not VP

@decentralgabe
Copy link
Author

thanks, so is this understanding correct?

  • A wallet does not need have a publicly addressable endpoint
  • When doing authZ as a part of VCI the wallet sends an auth request (PAR) to the credential issuer

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@decentralgabe @Sakurann