You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
OpenID Foundation is developing a set of standards for handling verifiable credentials. They are being developed under the name OIDC4VC - OpenId Connect for Verifiable Credentials, and they include standards for issuing and presenting credentials under what is called the issuer-holder-verifier model, which attempts to avoid IDPs auditing every authentication by users.
Since casdoor implements other standards from the OpenID Foundation, facilitating the integration of systems accepting those novel authentication and attestation exchange methods would be ideal.
In the demos mentioned above, novel standards are integrated with existing IAMs (Keycloak) via OIDC standard methods, and new services are in charge of issuing and verifying credentials according to novel standards. But that adds an integration step that could be avoided if OIDC implementors (isolated or included in IDPs) implement and accept those standards.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
OpenID Foundation is developing a set of standards for handling verifiable credentials. They are being developed under the name OIDC4VC - OpenId Connect for Verifiable Credentials, and they include standards for issuing and presenting credentials under what is called the issuer-holder-verifier model, which attempts to avoid IDPs auditing every authentication by users.
Those standars are still emergent, but they are likely to get great adoption due to being required for certain use cases by EU eIDAS v2: European Digital Identity Architecture and Reference Framework.
Since casdoor implements other standards from the OpenID Foundation, facilitating the integration of systems accepting those novel authentication and attestation exchange methods would be ideal.
Related work
There are already some implementations listed here. Microsoft is also working in a set of services under its Microsoft Entra Verified Id "product".
In the Ory Hydra project they have also made some related developments and plan to keep going to support this novel standards.
In the demos mentioned above, novel standards are integrated with existing IAMs (Keycloak) via OIDC standard methods, and new services are in charge of issuing and verifying credentials according to novel standards. But that adds an integration step that could be avoided if OIDC implementors (isolated or included in IDPs) implement and accept those standards.
Beta Was this translation helpful? Give feedback.
All reactions