Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add further details of how errors are returned from Browser API including a example error response #204

Open
jogu opened this issue Jul 2, 2024 · 3 comments

Comments

@jogu
Copy link
Collaborator

jogu commented Jul 2, 2024

As per @awoie comment here https://github.com/openid/OpenID4VP/pull/155/files#r1652002661:

It would make sense to add an error response example as well.

and @marcoscaceres comment here https://github.com/openid/OpenID4VP/pull/155/files#r1660602655:

Errors should probably result in promise rejections, no?

@marcoscaceres
Copy link
Contributor

it would be good to discuss here and in the DC spec itself how we handle particular types of errors and response errors... we need to clarify what's "exceptional" (causing the promise to reject in the browser API), and what's expected as response data when there is some error.

@jogu
Copy link
Collaborator Author

jogu commented Jul 3, 2024

I agree @marcoscaceres - it would probably be good to have a discussion about errors in a WICG call. I had a look and this issue from Rick is probably a place to discuss it: WICG/digital-credentials#130

We may also need to update the example javascript call to the digital credential API in the VP spec depending on the outcome.

@Sakurann
Copy link
Collaborator

discussed during the WG call:

  • we need to clearly define how error codes currently defined in https://openid.github.io/OpenID4VP/openid-4-verifiable-presentations-wg-draft.html#section-6.4 are returned in the openid4vp response over the browser API. Current assumption is as members in the JS object.
  • need examples for the above.
  • out of the error codes defined in section 6.4, some probably don't apply in browser API profile, or can be used in both, like invalid_request? -> parallel discussion happening in W3C.
  • need a separate discussion if which error codes should not be returned from privacy perspective are different between vanilla openid4vp and browser api profile. -> please open a separate issue on this.

@Sakurann Sakurann added this to the ID-3 milestone Jul 11, 2024
@Sakurann Sakurann modified the milestones: ID-3, 1.1 Dec 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants