
Building Interactive Authorization on top of first party apps draft #736

Merged: brentzundel merged 15 commits into main from 719-revisiting-building-iae-on-top-of-first-party-apps-draft, Jun 24, 2026
mickrau commented May 4, 2026

Contributor

rough draft for further discussion.

Changes (among others):

  • change Interactive Authorization Endpoint to Interactive Authorization using Authorization Challenge Endpoint
  • remove status = (require_interactionok) and use (HTTP 401 with error: insufficient_authorization) and (HTTP 200 + authorization_code) instead

I kept the order of the sections so that you can see at a glance what has changed.

Find comparison table IAE vs. FiPA here

mickrau requested review from GarethCOliver and fkj May 4, 2026 12:44
mickrau linked an issue May 4, 2026 that may be closed by this pull request

fkj left a comment

Member

Generally I think this is really nice! It does not feel like a hack, but quite natural. I also think it reads pretty well. I've added a lot of nits and some points for discussion.
@mickrau It would be great if you could take a look and merge the ones you agree with/discard the ones you don't. Sorry it took me so long to review this!

mickrau and others added 2 commits May 18, 2026 16:53
Co-authored-by: Frederik Krogsdal Jacobsen <fkj@users.noreply.github.com>
mickrau marked this pull request as ready for review May 22, 2026 13:38
Co-authored-by: Judith <59833642+ju-cu@users.noreply.github.com>
Co-authored-by: Paul Bastian <paul.bastian@posteo.de>
Co-authored-by: Micha Kraus <7931215+mickrau@users.noreply.github.com>
mickrau commented Jun 11, 2026

Contributor Author

Thank you for the feedback. I have resolved most of the suggestions. Aside from a few editorial todos, there are two open questions left to address:

  • Naming Convention: Should we rename urn:openid:dcp:ia:redirect_to_web to urn:openid:dcp:ia:method_via_web?
  • Error Handling: Should we stay with HTTP 401 (as used in FiPA example) or switch to HTTP 400 (as used in FiPA normative text)?

fkj commented Jun 12, 2026

Member
> Naming Convention: Should we rename urn:openid:dcp:ia:redirect_to_web to urn:openid:dcp:ia:method_via_web?

I think yes, since people might forget about the URN prefix and think it's the same thing. A completely different name avoids confusion.

> Error Handling: Should we stay with HTTP 401 (as used in FiPA example) or switch to HTTP 400 (as used in FiPA normative text)?

I think 401 makes more sense when considering the HTTP semantics.

Co-authored-by: Micha Kraus <7931215+mickrau@users.noreply.github.com>
openid deleted a comment from mkrabdr Jun 17, 2026
fkj self-requested a review June 17, 2026 10:57
@Sakurann

Collaborator

WG discussion.

  • no objections to merge once there are 3 approvals. needed as a basis for next week pre-DICE monday mtg.

fkj left a comment

Member

Generally looks pretty good, but I have a few editorial suggestions/nits.

Co-authored-by: Frederik Krogsdal Jacobsen <fkj@users.noreply.github.com>
dpostnikov requested review from c2bo and timcappalli June 22, 2026 07:56

fkj commented Jun 23, 2026

Member

@mickrau please resolve merge conflict. It's a trivial conflict.

fkj left a comment

Member

Even though there is still some unclarity about the FiPA error codes, I think we should merge this to unblock other issues/PRs.
It's a very minor change that we can track in a new issue so we remember to figure it out before publishing 1.1.

mickrau force-pushed the 719-revisiting-building-iae-on-top-of-first-party-apps-draft branch from 15cdda3 to cc107d1, June 23, 2026 10:53
@brentzundel

Collaborator

Multiple positive reviews, no objections, feedback incorporated, merging

brentzundel merged commit 2d9fd4a into main Jun 24, 2026
2 checks passed