[OpenID4VCIFrontend] Interoperability issues - Relative URLs in Credential Issuer Metadata #527
Description
Description:
In OpenID4VCIFrontend the metadata hosted at /.well-known/openid-federation incorrectly uses relative paths (e.g., /credential) instead of absolute HTTPS URLs for its service endpoints.
The affected parameters in the credential_issuer object include:
- pushed_authorization_request_endpoint
- authorization_endpoint
- token_endpoint
- credential_endpoint
- nonce_endpoint
- deferred_credential_endpoint
- revocation_endpoint
- status_assertion_endpoint
- notification_endpoint
Reference:
The OpenID4VCI standard requires these endpoints to be valid HTTPS URLs to ensure interoperability with standard-compliant Wallets.