fleischr
commented
1 year ago Absent of a email/password - a pre-dusting DID user could be added by providing a valid digital signature with the public key corresponding to the DID. This would be the procedure for login as well.
Auth requests would be received in DID-JWT format. No other changes to session/refresh tokens
Key asks
How are DID-JWTs - created elsewhere - onboarded into ident and onboarded to orgs? Use of corresponding refresh tokens, self sovereign keys