On the Azure AD VCs can you only issue VCs for users that are part of the AD or is any DID a valid credential subject?
What is a valid credential subject when issuing Verifiable Credentials for users?
155 Views Asked by kendallberns At
1
There are 1 best solutions below
Related Questions in AZURE-ACTIVE-DIRECTORY
- How to authenticate only Local and Guest users in Azure AD B2C and add custom claims in token?
- Microsoft Entra ID - How to delete a tenant?
- Azure AD guest account in web app authentication user claims data
- Handling errors in MSAL Redirect - reactjs login with microsoft sso
- Azure Cross Cloud Auth using AAD
- Get id token from the access token
- Microsoft Identity does not work in docker desktop
- how to get refresh token in msal-browser Azure AD B2C login?
- Local DX for service-to-service authentication based on Managed Identities in Azure
- How can I add an identity provider to an existing user in an AWS Cognito user pool using the OIDC protocol?
- Azure B2C MFA custom policy flow 'try another way'
- How can I protect an Java Spring boot API against Azure AD B2C if I only have an id_token?
- Is there any way to get a new Azure CLI token without logging out?
- Code a Delegated Permission in Azure Powershell
- Service Principals I create are not being created as mine
Related Questions in AZURE-AD-VERIFIABLE-CREDENTIALS
- Azure B2C With Verifiable Credentials - QR Code Not Generated in SelfAsserted.html
- Microsoft Entra Verificable ID with "Web" trust system showing a "ION" subject in it
- unable to resolve DID document's short URI after reigisting and publishing it in ION chain
- Is Attestation Verifiable Credentials Type repo demo available in c#?
- MS Graph API Blocking Credentials on one call, but not another
- Verifiable Credential - Presentation request gives an Internal Server Error
- Microsoft Entra Verifiable Credentials Admin API - Issuing Client Credentials Issue
- How to get DID of Subject who has been issues VC
- How to have a flexible displayClaims structure?
- QR Code Got Expire ? with azure verifiable credential
- Bind .NET query string to property
- Azure AD Verifiable Credential from where i can get public key private key values?
- azure unable to access keyvault for issuing verifiable credentials
- Azure AD Verifiable Credential
- Issuer giving duplicate verify credential each time, not sure why
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
I think your question touches on 3 different areas, so I'll try to answer all of them:
There is no direct relationship between the AAD identity store and the VC service therefore an AAD user object has no direct relationship with the VC service either. Said differently, AAD users do not have a DID attribute/claim. The DID(s) exists only in the user's Authenticator app and is not explicitly bound to any existing function or identity in the Authenticator app (MFA, password manager, broker, etc).
As part of the VC issuance process, an ID token, from any OpenID Provider that is allowed by the issuer admin, is passed with the request and some of the ID Token claims become the source of the claims in the VC.
Currently, the issuance platform is supported with the wallet inside Microsoft Authenticator and thus DIDs that are generated by Authenticator.