Skip to main content

2023-03-16 Working group periodic update


  • Access token request
  • templating
  • filtering

Access token request

Currently RFC014 had a line in §4.2:

The credential issuer equals the sub field of the JWT in the access token request.

This will probably have to change to the issuer must be trusted for the use-case?


Because VCs ar not directly constructed but are to be constructed in response to events we'll need some sort of templating to create the right VCs. This has to be coordinated with efforts on implementing OIDC4VCI.


To select the right events for VC generation, some sort of filtering language would be required. DIF presentation exchange seems the right candidate.