Proposals addressing discoverability issues with vc-http-api

See: https://github.com/w3c-ccg/vc-http-api/issues/218

Proposal 1: The APIs that use OAS3.0 MUST define securitySchemes per the
OAS 3.0 spec. (@OR13 proposal addresses 4)
Proposal 2: The APIs that use OAS3.0 MUST define the use of the Link Header
for suite and issuer id discovery (@TallTed 's proposal addressing 1/2/3)
Proposal 3: The APIs that use OAS3.0 MUST define the use of a .well-known
JSON resource for conveying supported issuer ids and suites. (@OR13 's.
proposal addressing 1/2/3)

Note that I did not include the proposal to use did:web for discoverability
since it conflicted with previous resolutions, although I think it
highlights why did:web is such a good choice for issuer APIs....

We also previously resolved to use OAS3.0 yet I question if the recent
resolutions are compatible with that proposal, especially when considering
support for GNAP / RAR.

Can someone point me to an example of an HTTP API specifed using OAS3.0 +
GNAP + RAR that is implemented using
https://swagger.io/docs/specification/authentication/ ?

OS

--
*ORIE STEELE*
Chief Technical Officer
www.transmute.industries

<https://www.transmute.industries>

Received on Tuesday, 20 July 2021 18:58:19 UTC