-
Notifications
You must be signed in to change notification settings - Fork 25
Sending multiple VPs with a single presentation definition #62
Comments
That for sure wouldn't be compatible with the PE spec. That expects a VP per PD |
Do you have a reference to the spec where this is explicitly enfocred? In the OpenID4VP spec it, you can have a submission that covers multiple VPs (see bold part):
That would make me assume this is a valid use case? And it actually allows you to submit multiple VPs for a single PD, which solves the issue of only being able to sign a VP one time |
This is the payload we're currently creating:
|
@nklomp i got back that it is supported to have multiple vps for a single definition. I think that makes the approach we took for JFF plugfest okay, and we can leverage the same for SD-JWT credentials going forward? we can implement pex to create the least possible amount of vps, but will create multiple if needed to prove ownership (different subjects), when mixing formats, or when there's limitations in the format (e.g. sd-jwt is one vc per vp) |
Currently, it is not supported to send multiple VPs in the authorization repsonse, if the request only contained a single presentation definition. The number of VPs must match the number of PDs.
However, we're currently creating multiple VPs for a single PD, so that we can authenticate multiple credential subjects (as a JWT VP can only have one signature).
I can't read from the spec that this is invalid, however it would probably require some changes in PEX as well, as it's currently not really possible to have a single Presentation Submission for multiple VPs as well (had to do some hacks to combine multiple submissions into one larger submission)
The text was updated successfully, but these errors were encountered: