5.1.7. Wallet Provider Metadata
5.1.7.1. wallet_provider metadata
The metadata JSON Object whose key is wallet_provider contains the following parameters. The public keys found in this object are used exclusively for the signing and/or encryption operations required of this Entity when acting as a Wallet Provider (e.g., signing the Wallet Attestations for the Wallet Instance).
Key | Value | Reference |
---|---|---|
| CONDITIONAL. JSON Web Key Set document, passed by value, containing the Entity's keys for that Entity Type. It MUST be present if | |
| CONDITIONAL. URL referencing a JWK Set document containing the Wallet Provider's keys for that Entity Type. This URL MUST use the https scheme. It MUST be present if | |
| CONDITIONAL. URL referencing a signed JWT having the Entity's JWK Set document for that Entity Type as its payload. This URL MUST use the https scheme. The JWT MUST be signed using a Federation Entity Key. A successful response from the URL MUST use the HTTP status code 200 with the Content Type | |
| OPTIONAL. List of supported values for the certifiable security context. These values specify the security level of the app, according to the levels: low, medium, or high. Authenticator Assurance Level values supported. | This specification. |
5.1.7.2. federation_entity metadata
Key | Value | Reference |
---|---|---|
| OPTIONAL. A human-readable name representing the organization owning the Wallet Provider. | |
| OPTIONAL. URL of a Web page for the organization owning the Wallet Provider. | |
| OPTIONAL. URL that contains the Wallet Provider's terms of service. | |
| OPTIONAL. URL of the documentation of conditions and policies relevant to the Wallet Provider. | |
| OPTIONAL. String. A URL that points to the logo of the Wallet Provider. The file containing the logo SHOULD be published in a format that can be viewed via the web. | |
Below is a non-normative example of the Entity Configuration for a Wallet Provider.
{
  "alg": "ES256",
  "kid": "5t5YYpBhN-EgIEEI5iUzr6r0MR02LnVQ0OmekmNKcjY",
  "typ": "entity-statement+jwt"
}
.
{
  "iss": "https://wallet-provider.example.org",
  "sub": "https://wallet-provider.example.org",
  "jwks": {
    "keys": [
      {
        "crv": "P-256",
        "kty": "EC",
        "x": "qrJrj3Af_B57sbOIRrcBM7br7wOc8ynj7lHFPTeffUk",
        "y": "1H0cWDyGgvU8w-kPKU_xycOCUNT2o0bwslIQtnPU6iM",
        "kid": "5t5YYpBhN-EgIEEI5iUzr6r0MR02LnVQ0OmekmNKcjY"
      }
    ]
  },
  "metadata": {
    "wallet_provider": {
      "jwks": {
        "keys": [
          {
            "crv": "P-256",
            "kty": "EC",
            "x": "BxYsu3QvYmOz1fl1l5hGyPWlpvgTzz3AY3j3K_9zGPs",
            "y": "ob34Wmfah_ScQXaYMJWoBkZSwO-kQ0VTgMk4VZfu48w",
            "kid": "749b495837819c00cfee1749b495837819c00cfee1"
          }
        ]
      },
      "aal_values_supported": [
        "https://wallet-provider.example.org/LoA/basic",
        "https://wallet-provider.example.org/LoA/medium",
        "https://wallet-provider.example.org/LoA/high"
      ]
    },
    "federation_entity": {
      "organization_name": "IT-Wallet Provider",
      "homepage_uri": "https://wallet-provider.example.org",
      "policy_uri": "https://wallet-provider.example.org/privacy_policy",
      "tos_uri": "https://wallet-provider.example.org/info_policy",
      "logo_uri": "https://wallet-provider.example.org/logo.svg"
    }
  },
  "authority_hints": [
    "https://registry.eudi-wallet.example.it"
  ],
  "iat": 1687171759,
  "exp": 1709290159
}
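A relying party or federation operator can lint a decoded Entity Configuration against the rules in this section before trusting it. The following is an added example, not part of the specification: the parameter names jwks_uri and signed_jwks_uri are assumed from OpenID Federation, the key-reuse check is one reading of the "exclusively used" requirement above, and all key values are constructed placeholders.

```python
from urllib.parse import urlparse

# Assumed names (from OpenID Federation) of the two URL-valued key parameters.
URL_KEY_PARAMS = ("jwks_uri", "signed_jwks_uri")
PRIVATE_JWK_MEMBERS = {"d", "p", "q", "dp", "dq", "qi", "k"}

def _keys(obj):
    return (obj.get("jwks") or {}).get("keys", [])

def _material(jwk):  # public key material, independent of the kid label
    return tuple(jwk.get(m) for m in ("kty", "crv", "x", "y", "n", "e"))

def lint_entity_configuration(header, payload):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    wp = payload.get("metadata", {}).get("wallet_provider", {})
    fed_keys = _keys(payload)
    if header.get("typ") != "entity-statement+jwt":
        findings.append("typ is not entity-statement+jwt")
    if header.get("kid") not in {k.get("kid") for k in fed_keys}:
        findings.append("header kid matches no Federation Entity Key")
    fed_material = {_material(k) for k in fed_keys}
    for k in _keys(wp):
        if _material(k) in fed_material:
            findings.append(f"wallet_provider key {k.get('kid')} reuses a Federation Entity Key")
        if PRIVATE_JWK_MEMBERS & set(k):
            findings.append(f"wallet_provider key {k.get('kid')} exposes private members")
    for name in URL_KEY_PARAMS:
        if name in wp and urlparse(str(wp[name])).scheme != "https":
            findings.append(f"{name} does not use the https scheme")
    aal = wp.get("aal_values_supported")
    if aal is not None and not (isinstance(aal, list) and all(isinstance(v, str) for v in aal)):
        findings.append("aal_values_supported is not a list of strings")
    return findings

# Constructed sample input, modelled on the page's non-normative example.
ENTITY = "https://wallet-provider.example.org"
FED_KEY = {"kty": "EC", "crv": "P-256", "kid": "fed-key-1", "x": "FED_X", "y": "FED_Y"}
WP_KEY = {"kty": "EC", "crv": "P-256", "kid": "wp-key-1", "x": "WP_X", "y": "WP_Y"}
HEADER = {"alg": "ES256", "kid": "fed-key-1", "typ": "entity-statement+jwt"}
def sample(wallet_provider):
    return {"iss": ENTITY, "sub": ENTITY, "jwks": {"keys": [FED_KEY]},
            "metadata": {"wallet_provider": wallet_provider}}
GOOD = sample({"jwks": {"keys": [WP_KEY]}, "aal_values_supported": [ENTITY + "/LoA/high"]})
BAD = sample({"jwks": {"keys": [dict(FED_KEY, kid="wp-key-2", d="PRIVATE")]},
              "jwks_uri": "http://wallet-provider.example.org/jwks.json",
              "aal_values_supported": "high"})

if __name__ == "__main__":
    for label, payload in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, lint_entity_configuration(HEADER, payload))
```

The lint works on an already decoded header and payload; verifying the JWT signature against the Federation Entity Key and the trust chain is a separate step that must succeed first.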