-
Notifications
You must be signed in to change notification settings - Fork 136
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feedback on Blockchain Claims for use in JWT #128
Comments
This is very interesting-- but I'm not sure very many of us in CASA are JW* experts, much less experts in how OIDC tokens profile JW*. Is the goal to get CASA feedback first and use that to define a JWT profile/scheme for IANA? |
Yeah, that's the objective. Standardizing the claims so they are in the IANA registry would be the ideal outcome. The specification (once finalized) could be submitted to the most relevant organization, I suspect IETF would be appropriate but it could also be hosted here if there is interest. Either way, feedback from this community would be appreciated. |
I think this is really useful. This allows people to include blockchain accounts in JOSE objects without name ambiguity. Also +1 for registering in IANA after the CAIP was approved. A lot of applications don't allow custom claims if they are not registered in IANA or don't use identifiers with collision-resistant names, e.g., using reverse domain, URIs. This CAIP would solve this issue. |
Thanks for dropping a message here. I opened an issue on that repo, but happy to move the discussion over here. Which would you prefer @jaredhanson? |
On the topic of JWTs and to add some context, MetaMask Snaps was surprised that we had a request to expose ability to sign JWTs. We didn't see the use-case, but if there's enough feature requests we'd like to revisit it. |
@jaredhanson any update here? DM me on Discord, twitter, etc if a 1:1 meeting would help! |
Hello! I work at Okta/Auth0, am an advisor to Dynamic, and maintain various Node.js packages for identity-related functionality (Passport.js, OAuth2orize, etc.)
I've put together a proposal on how to represent blockchain accounts and assets in a JWT. As off-chain applications adopt Web3 technologies, through specifications such as CAIP-122, this allows services to have a common way to do authorization based on accounts or assets owned (token-gating).
I'd love to get this communities feedback on the proposal. If there's interest, I will submit a PR to this repo consideration as a CAIP. Thanks!
https://github.com/jaredhanson/id-blockchain-claims-in-jwt
The text was updated successfully, but these errors were encountered: