OID for Verifiable Credential Issuance (OID4VCI) - Phase2 (Authorization Code Flow 1a for JWT)

[essbante-io]

Short Description

Implement Phase 2 of the OID for Verifiable Credential Issuance (OID4VCI) project, focusing on the Authorization Code Flow 1a for JSON Web Tokens (JWT). This phase will enhance secure, efficient, and standardized credential issuance processes.

Specification: see Authorisation flow scenario 1a (wallet initiated flow) of OID4VCI spec

Value statement

By implementing the Authorization Code Flow 1a for JWT in the OID4VCI project, we will significantly improve the security and efficiency of our credential issuance process. This will ensure robust authentication and authorization mechanisms, providing a seamless and secure experience for issuers, verifiers, and users. Adopting this standard will enhance interoperability with other systems, reduce the risk of security breaches, and position our platform as a leader in secure digital credential management.

Details

The scenario is described in the spec section here

Use cases are described for:

• Wallet-Initiated Issuance after Installation - first priority
• Wallet-Initiated Issuance during Presentation - second priority and should be implemented later.

Scope

• Support Authorization Code Flow 1a for JWT in the OID4VCI protocol in the Swift SDK identus-edge-agent-sdk-swift#175
• Support Authorization Code Flow 1a for JWT in the OID4VCI protocol in the TS SDK identus-edge-agent-sdk-ts#310
• Support Authorization Code Flow 1a for JWT in the OID4VCI protocol in the Kotlin SDK identus-edge-agent-sdk-kmp#211
• Update the documentation for OID4VCI Authorization Flow 1a identus-docs#191
• Implement e2e tests for OID4VCI Authorization Flow 1a identus-cloud-agent#1404

[elribonazo]

@yshyn-iohk, can u please add the cloud-agent tickets and a description here? thanks