我已经设置了一个 Entra 外部 ID 系统,并创建了一个自定义安全属性,以便模拟向登录我的应用程序的用户添加自定义数据。 (目前只是一个演示,但希望在那里存储会员号码和会员级别)。 我正在尝试使用该自定义属性/声明信息以便能够颁发包含其会员编号的已验证凭据,但是它总是失败并出现相同的错误“在发行中缺少提供的声明” - 它与使用非自定义一起工作正常字段(例如给定的名称,根据所有示例)
我尝试过
Foo.Bar
、user.Bar
、extension_..._Bar
,但没有运气。
验证凭证规则中需要什么语法?
当前失败规则:
{
"attestations": {
"idTokenHints": [
{
"mapping": [
{
"outputClaim": "foobar",
"required": true,
"inputClaim": "Foo.Bar",
"indexed": false
}
],
"required": false
}
]
},
"validityInterval": 2592000,
"vc": {
"type": [
"Foobar"
]
}
}
使用演示 1-asp-net-core-api-idtokenhint C# 项目时出现问题 api 错误:
issuance error: "Something went wrong calling the API:
{
"requestId": "2b020237faffd90eaed9d034a296775e",
"date": "Tue, 21 May 2024 22:43:44 GMT",
"mscv": "cpMoovB/XjpznKMR.3",
"error": {
"code": "badRequest",
"message": "The request is invalid.",
"innererror": {
"code": "badOrMissingField",
"message": "Missing provided claims in issuance: [Foo.Bar]",
"target": "claims"
}
}
}"
这是两个文件的语法,因此您可以使用自定义声明成功颁发和验证凭据。
显示清晰度:
{
"locale": "en-US",
"card": {
"backgroundColor": "#ffffff",
"description": "With verified patient card you can sign in faster and access your medical data.",
"issuedBy": "Formula Healthcare",
"textColor": "#055C9D",
"title": "Verified Patient",
"logo": {
"description": "Formula Healthcare Logo",
"uri": "https://strf5verifiediddev.blob.core.windows.net/vc-public/fh-logo.png"
}
},
"consent": {
"instructions": "Accept credential to confirm that you are verified patient.",
"title": "Accept credential for Verified Patients"
},
"claims": [
{
"claim": "vc.credentialSubject.fullName",
"label": "Full name",
"type": "String"
},
{
"claim": "vc.credentialSubject.nationalHealthcareId",
"label": "National Healthcare ID",
"type": "String"
}
]
}
规则定义:
{
"attestations": {
"idTokenHints": [
{
"mapping": [
{
"outputClaim": "fullName",
"required": false,
"inputClaim": "fullName",
"indexed": false
},
{
"outputClaim": "nationalHealthcareId",
"required": false,
"inputClaim": "nationalHealthcareId",
"indexed": false
}
],
"required": true
}
]
},
"validityInterval": 2592000,
"vc": {
"type": [
"VerifiedPatient"
]
}
}
正如您在上面所看到的,您可以在 VC 中为声明创建映射(并使用与最初定义不同的名称,使用输入和输出声明定义)。但是,我建议对输入和输出声明使用相同的名称。 我希望这有帮助。