Thanks to visit codestin.com
Credit goes to github.com

Skip to content

OID4VCI documentation polishing #44738

New issue
New issue
Open
task
Open
OID4VCI documentation polishing#44738
task
Labels
area/docsarea/oid4vcIssue related to OpenID for Verifiable Credentialskind/taskteam/core-clients
@mposolda

Description

@mposolda
mposolda
opened on Dec 8, 2025

Description

This task is to improve OID4VCI documentation in the "Server admin" guide.

  • Maybe some more general introduction to the OID4VCI can be nice (including flows like pre-authorized code flow, authorization_code flow etc). Also including motivation for why to use it etc. For example this blogpost [1] provides some nice pictures of the flows (in the 2nd part of the blog related to OID4VCI).
    Hint: For using pictures, it can be good to use draw.io [5] used by some other Keycloak functionality (For example see token-exchange documentation [2]) as it allows to easily edit pictures and is compatible with some other pictures from Keycloak documentation

  • It can be great if instructions can use the admin console UI to configure things instead of the admin REST API like all other Keycloak functionality in server admin guide. This may require first that there is UI parity between admin UI and admin REST API when configuring things. On the other hand, there is no need to repeat the steps, which are already described in other section of the guide (For example how to create user or how to configure key), but rather reference the existing sections from the OID4VCI documentation.

  • The Keycloak documentation covers some aspects of how to setup things. However there is nothing, which describes how to actually use it besides calling issuer metadata endpoint. It can be great if there are some examples how to use the OID4VCI flows itself. This might include some request/response examples like requests of pre-authorized code flow or requests of authorization_code flow etc. There are some reference examples, which can be also linked (as long as they are stable and not changing often. Like [3] or [4]. The [3] is already referred from the Keycloak docs.), but it can be great to be able to describe it rather in the documentation itself.

  • The integration with some 3rd party open-source Wallet can be also very nice. But probably not a blocker for the OID4VCI preview feature?

[1] https://darutk.medium.com/oid4vci-demo-87a232cfcc2a
[2] https://www.keycloak.org/nightly/securing-apps/token-exchange#_standard-token-exchange-flow
[3] https://github.com/adorsys/Keycloak-ssi-deployment/tree/main
[4] keycloak/keycloak-playground#24
[5] https://draw.io (Redirects currently to https://app.diagrams.net/ )

Additional note

There is a blog-post PR keycloak/keycloak-web#682 , which already addresses some of the issues from above. IMO the blog-post looks much better than current Keycloak documentation. Hopefully some items from that blog-post can be directly covered in the documentation as well . Hopefully the nice pictures from the blog can be re-drawn to use draw.io as referenced above?

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/docsarea/oid4vcIssue related to OpenID for Verifiable Credentialskind/taskteam/core-clients

    Type

    task

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions