This repository was archived by the owner on Aug 25, 2023. It is now read-only.
We've recently done some changes:

- `ConsentCredential` -> `AuthorizationCredential` (ref: Should use authorization terminology adapter#188).
- `userDID` -> `subjectDID` (ref: PR feat: AuthorizationCredential Context #20 (comment)).

The first change moves us more in the direction of authorization to a generic resource, not just simply authenticating the user. The second change furthers this by distinguishing the resource owner from the subject of the resource.

We're missing a way to express who authorized this access. We should add an `ownerDID` claim.

`ownerDID` != `subjectDID` when the resource is NOT a set of claims about the party that authorized access. E.g. Acme Bank authorizes IRS access to credit card statements about Eve.