On the Azure AD VCs can you only issue VCs for users that are part of the AD or is any DID a valid credential subject?
What is a valid credential subject when issuing Verifiable Credentials for users?
155 Views Asked by kendallberns At
1
There are 1 best solutions below
Related Questions in AZURE-ACTIVE-DIRECTORY
- MultipleTokensMatched exception when using default TokenCache
- How can I share Azure Active Directory authentication between server side and client script?
- Azure AD Change Password with patch call
- Azure Active Directory Login: Web App Permissions, User Consent not triggered
- ADALJS Error description:AADSTS65001: No permission to access user information is configured for 'clientId' application, or it is expired or revoked
- app is re-initializing the first time ADAL "protected" URL is accessed via $http
- Validate access token for WEB API protected by Azure AD
- Azure AD Graph API: Is it possible to enumerate all groups associated with an application role?
- Is is possible to use Azure AD as a SAML compliant Identity Provider?
- Microsoft Graph API Accessing basic info of a user that is outside tenancy
- RoundCube OAuth with Azure Active Directory
- Deploy Azure AD WebAPI to IIS, with Windows Authentication enabled, skips Azure AD Authentication
- How to change Is Multiple Resource Refresh Token to true in Azure AD authentication?
- Azure, login to separate accounts with one email
- How to setup nginx to authenticate users through Azure AD?
Related Questions in AZURE-AD-VERIFIABLE-CREDENTIALS
- what is role of User did in Verifiable Credentials ? did:ion:username and when user did will generate?
- Issuer giving duplicate verify credential each time, not sure why
- Azure AD Verifiable Credential
- azure unable to access keyvault for issuing verifiable credentials
- Azure AD Verifiable Credential from where i can get public key private key values?
- Verifiable Credential - Presentation request gives an Internal Server Error
- MS Graph API Blocking Credentials on one call, but not another
- Is Attestation Verifiable Credentials Type repo demo available in c#?
- unable to resolve DID document's short URI after reigisting and publishing it in ION chain
- Microsoft Entra Verificable ID with "Web" trust system showing a "ION" subject in it
- What is a valid credential subject when issuing Verifiable Credentials for users?
- Are there runtime defined claims for Microsoft Azure AD Verifiable Credentials
- Only one credential of a type seems allowed?
- Bind .NET query string to property
- Azure B2C With Verifiable Credentials - QR Code Not Generated in SelfAsserted.html
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
I think your question touches on 3 different areas, so I'll try to answer all of them:
There is no direct relationship between the AAD identity store and the VC service therefore an AAD user object has no direct relationship with the VC service either. Said differently, AAD users do not have a DID attribute/claim. The DID(s) exists only in the user's Authenticator app and is not explicitly bound to any existing function or identity in the Authenticator app (MFA, password manager, broker, etc).
As part of the VC issuance process, an ID token, from any OpenID Provider that is allowed by the issuer admin, is passed with the request and some of the ID Token claims become the source of the claims in the VC.
Currently, the issuance platform is supported with the wallet inside Microsoft Authenticator and thus DIDs that are generated by Authenticator.