search

EWC-consortium / eudi-wallet-rfcs

EU Digital Identity Wallet RFCs in EWC to align towards the Large Scale Pilot (LSP) usecases. The project is co-funded by the European Union.
https://eudiwalletconsortium.org/
Apache License 2.0
20 stars 12 forks source link

Incorrect usage of scope parameter #62

Open georgepadayatti opened 1 month ago

georgepadayatti commented 1 month ago

https://github.com/EWC-consortium/eudi-wallet-rfcs/blob/a2509b70f7d1533efaa4756f87e54165294cdec1/ewc-rfc001-issue-verifiable-credential.md?plain=1#L416-L419 This is not the correct usage of scope in OID4VCI. scope is used to request a particular credential configuration.

So this issuance would fail when the issuer does not offer a credential configuration with a scope matching OpenID.

Also, I believe it was decided recently in the digital credentials group that using scope and authorization_details at the same time should not be allowed (because they both fulfill the same purpose)

I suggest removing the scope parameter or requiring it to be an empty string.

lalc commented 1 month ago

Fixed it against https://github.com/EWC-consortium/eudi-wallet-rfcs/pull/63