SID-AUTH-03 — OIDC Gate for External Identity Providers

Property	Value
Owner	platform
Category	technical
CSF Function	protect
Group	Authentication Controls

Description

External OIDC ID tokens validated for gated registration/login flows. Validates issuer, audience, JWT signature via JWKS discovery, expiration with configurable clock skew. Caches validators per provider.

Components

Wallet Backend (Go)

Source References

go-wallet-backend/oidc_gate.go
go-wallet-backend/oidc/validator.go

Framework Requirements

ISO 27001 Annex A: A.5.16, A.8.5

OWASP ASVS 4.0.3 Level 3: V1.2, V3.6

Description​

Components​

Source References​

Framework Requirements​

Description

Components

Source References

Framework Requirements