[AIP-108][Discussion]Enable interoperability for Federated Keyless Accounts for the same issuer (user-pool/tenant)

[thepomeranian]

AIP Discussion

This AIP proposes enabling Aptos Federated Keyless to be interoperable with dApps from the same issuer (user-pool/tenant).

For IAM providers like Auth0 and Cognito, JWT tokens are scoped to a user-pool/tenant via the iss field, and they are also scoped to a specific application via the aud field. This means that JWTs from the same issuer but with different aud values are from different applications and cannot be used to derive the same Aptos Federated Keyless Account even though they represent the same user identity within the same user-pool/tenant.

Many customers of Auth0 and Cognito have applications with different branding within the same user-pool/tenant ecosystem. Thus it is natural for such customers to use different application identifiers for their applications for organizational purposes. This AIP will enable Aptos Federated Keyless Accounts to be interoperable across such applications.

Read more about it here: https://github.com/aptos-foundation/AIPs/blob/main/aips/aip-108.md