Wout Slakhorst
Wout Slakhorst
Some things have changed since the last two years. If you still use the above middleware, you'll double decode. Should be closed.
> or let Delete also return the value... sounds like a valuable addition
Also the `endpoint` property is not free to choose: it must end with `discovery/`
> We probably need to wait for 22 so 24 does not arrive before it can be handled? yes, it's all synchronous so should be ok
The flow will be slightly different when the dialog is shown in a popup. It would require some polling from the XIS/ECD in the background.
`request_uri` discussion is still ongoing within OpenID4VP since it should be signed/encrypted but there's no way to know what crypto algs the wallet supports.
> Identified work items: > > * Add user details in `requestUserAccessToken`, which can be used in `NutsEmployeeCredential` (see Wiki). This must be optional: later on OpenID Connect could be...
This is used for OpenID4VP flows. They are marked experimental. Will remove `final` label.
Scanned the best-practises. Still relevant for OpenID4VP and the authorization code flow. Not for 6.0 though.