Purpose for Access Request
The goal of this discussion is the creation of a display to the holder of a request for some details needed to create a transaction between the holder and the Verifier.
- The request must reflect:
- The sort of transaction for which data is required.
- Any information required to complete the transaction and whether it is to be retained by the verifier.
- Any optional information that the verifier wishes that is not required by the immediate transaction.
- It is the responsibility of the User Agent to:
- Display the information to the holder in a language that the user can understand.
- Input the holder's response
- User Agent
Current Standard Request Messages
These are all call Authorization Requests rather than Access Requests, which is the typical current transaction type.
JARThe OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request IETF RFC 9102(2021-08-21]
PAROAuth 2.0 Pushed Authorization Requests 2021-09 IETF RFC 9126
This document defines the pushed authorization request (PAR) endpoint, which allows clients to push the payload of an OAuth 2.0 authorization request to the authorization server via a direct request and provides them with a request URI that is used as reference to the data in a subsequent call to the authorization endpoint.
RAROAuth 2.0 Rich Authorization Requests draft-ietf-oauth-rar-12 2022-05-05
W3C Data Privacy Vocabulary
- Collected sources
- Data elements defined in the DPV
- EU SPECIAL Project (Scalable Policy-aware Linked Data Architecture For Privacy, Transparency and Compliance)
- supports the acquisition of user consent at collection time and the recording of both data and metadata (consent policies, event data, context) according to legislative and user-specified policies;
- caters for privacy-aware, secure workflows that include usage/access control, transparency and compliance verification;
- demonstrates robustness in terms of performance, scalability and security, all of which are necessary to support privacy preserving innovation in Big Data environments; and
- provides a dashboard with feedback and control features that make privacy in Big Data comprehensible and manageable for data subjects, controllers, and processors.