Discussed with Max during 30-March meeting.
There isn't a new feature called "Log in with Open Payments". It's just an example scenario for describing an Open Payments client wanting to verify that the correct user has access to the wallet address they provided via an interaction, but without making a payment/getting a payment grant via IdP.
Ask:
Create a new guide for "verify ownership of wallet address". The guide will be similar to our existing "Get an outgoing payment grant for future payments" guide but shorter because we don't need to talk about intervals. But the typical flow is basically the same. Instead of just an access_token in the grant request, we can provide a subject with the wallet address in the list of subject Ids.
A client can use the subject field to create a grant request to get info about the resource owner from an authorization server. Client passes subject field in the request. AS interacts with the RO through the IdP to confirm their identity. The IdP must verify the end-user owns the wallet address returned in the subject field.
Spec PR: interledger/open-payments-specifications#18
From meeting notes
"subject": {
"sub_ids": [
{
"id": "{{walletAddress}}",
"format": "uri"
}
]
}
We'll need to collaborate with multiple devs.
Discussed with Max during 30-March meeting.
There isn't a new feature called "Log in with Open Payments". It's just an example scenario for describing an Open Payments client wanting to verify that the correct user has access to the wallet address they provided via an interaction, but without making a payment/getting a payment grant via IdP.
Ask:
Create a new guide for "verify ownership of wallet address". The guide will be similar to our existing "Get an outgoing payment grant for future payments" guide but shorter because we don't need to talk about intervals. But the typical flow is basically the same. Instead of just an
access_tokenin the grant request, we can provide asubjectwith the wallet address in the list of subject Ids.A client can use the subject field to create a grant request to get info about the resource owner from an authorization server. Client passes subject field in the request. AS interacts with the RO through the IdP to confirm their identity. The IdP must verify the end-user owns the wallet address returned in the subject field.
Spec PR: interledger/open-payments-specifications#18
From meeting notes
We'll need to collaborate with multiple devs.