The Require presentation section requires that the IAE OpenID4VP request follows DC API requirements with some exceptions. However it does not mention anything about the client_id_prefix. The implied client_id_prefix in DC API is origin if there's no client_id defined, but this is not applicable to IAE I think?
So should there be a note about client_id_prefix with IAE? Since the presentation needs to prefix iae: in the aud (and uses a custom session transcript for mdoc), there's not really any missing behavior as I see it, just a bit confusing, as our logic "implies" the client_id to be origin:<origin> if there's no client_id defined (in DC API, and IAE builds on DC API), and it seems there's a new implied client id with iae: iae:<iae_endpoint>. I think describing this in a similar way to the implied client id with DC makes sense.
The Require presentation section requires that the IAE OpenID4VP request follows DC API requirements with some exceptions. However it does not mention anything about the client_id_prefix. The implied client_id_prefix in DC API is
originif there's no client_id defined, but this is not applicable to IAE I think?So should there be a note about client_id_prefix with IAE? Since the presentation needs to prefix
iae:in theaud(and uses a custom session transcript for mdoc), there's not really any missing behavior as I see it, just a bit confusing, as our logic "implies" the client_id to beorigin:<origin>if there's no client_id defined (in DC API, and IAE builds on DC API), and it seems there's a new implied client id with iae:iae:<iae_endpoint>. I think describing this in a similar way to the implied client id with DC makes sense.