A possible flow similar to hybrid grant #287
Description
Throughout the works in the OIDF GAIN PoC WG, I came to the idea that obtaining an access token along with the verifiable presentation can be an useful use case in the context of decentralized identity. The point of the design would be to have a code vp_token or token vp_token response type to request both access and identity information in the same flow.
One of the missing parts would a parameter here called relying_party_redirect_uri that would help the relying party to trigger an OID4VP flow from the authorization server and get a response with the access_token and the vp_token. That would help to have the verifier uncoupled from the application that requires the identity information.
I drafted the following sequence diagram and a working proof of concept (malach-it/boruta-server#66) that showcase how it would look like.
I raised this issue to gather feedback about the concept and know if I am mistaken somewhere.