This pull request contains an OpenAPI specification to propose an extension of the authentication service exposed to relying parties. Compared to the existing OSIA service (verify identity), this new service brings:
the ability to use more authentication factors
additional security features:
authentication and response can be bound to one transaction,
the consent of the citizen/user can be provided,
authentication factor data can be signed and encrypted,
request can be checked for integrity.
This proposition was first discussed outside the usual OSIA workgroup with other organizations, and was then updated to be more consistent with the existing OSIA services.
This is not yet perfect and the YAML is not yet integrated in the OSIA PDF documentation but it is now open for comments from the community.
This pull request contains an OpenAPI specification to propose an extension of the authentication service exposed to relying parties. Compared to the existing OSIA service (verify identity), this new service brings:
This proposition was first discussed outside the usual OSIA workgroup with other organizations, and was then updated to be more consistent with the existing OSIA services. This is not yet perfect and the YAML is not yet integrated in the OSIA PDF documentation but it is now open for comments from the community.