Unclear what happens if client_id_scheme appears twice

[OIDF-automation]

Imported from AB/Connect bitbucket: https://bitbucket.org/openid/connect/issues/1982

Original Reporter: oliver-terbu

Clarify why client_id_scheme is needed in the request and in the Verifier Metadata. If this is by design, we need to clarify what happens in case both are present and potentially different.

[OIDF-automation]

Imported from AB/Connect bitbucket - Original Commenter: KristinaYasuda

my understanding has been that client_id_scheme in the verifier metadata is supposed to be the schemes supported by the verifier vs client_id_scheme in the request is supposed to be which one verifier is using in that specific transaction. so i am pretty surprised to see the below definition in the verifier metadata:

client_id_scheme: OPTIONAL. JSON String identifying the Client Identifier scheme. The value range defined by this specification is pre-registered, redirect_uri, entity_id, did. If omitted, the default value is pre-registered.

I would have imagined it is client_id_schemes and is an array.

cc:@{557058:cf344cf5-3085-4fd6-abb3-eaa88b0f0ab9}

[Sakurann]

probably good to resolve together with #124

[jogu]

I think this issue is based on a misunderstanding, client_id_scheme is not present in the verifier metadata.

I think the confusion may have arisen because the section that defines client_id_scheme is titled "Verifier Metadata Management".

It feels like it should probably be renamed but I'm struggling to come up with a new name.

[danielfett]

@jogu PR #263 changes the title of the section to "Client Identifier Scheme and Verifier Metadata Management"

[jogu]

Oh, thanks Daniel, I missed that change. I'm still not sure 'metadata management' is quite right but it's an improvement and I think arguably fixes this issue.