You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We didn't want to overload OIDC redirect_uri, especially since currently, authn and authz are two independent flows with redirects. While we want to look at having a clear way to offer a combined experience, we might still want to have them available as separate flows.
There is also some relevant information in solid/specification#504 which also applies to on-device apps, specifically:
For the purpose of pure Authentication, I believe we should allow such server-side clients to authenticate independently from any of the end-users on whose behalf it can act. Of course, we still need to ensure that the client can act on behalf of the end user. For that, we step into delegation / client authorization (AuthZ).
Once we have defined VP/VC that represents client authorization, we probably don't need additional OIDC ID tokens, since both end-user identity and client identity would be available in this new credential.
Both occur in e.g. https://github.com/janeirodigital/sai-js/blob/main/packages/css-storage-fixture/acme/projectron/id%24.jsonld
Is
redirect_uris
for OIDC andinterop:hasAuthorizationCallbackEndpoint
for other (data-related) OAuth scopes?The text was updated successfully, but these errors were encountered: