Regarding the CredentialClaimsRequest schema, where unique_id is required but object_id is optional:
-
Behavior on missing object_id: When a request is made using only the unique_id, is the Authentic Source (AS) expected to return all associated datasets in their current state (VALID, INVALID, SUSPENDED)?
-
Filtering criteria: Should the AS instead apply a filter and only return datasets currently in a VALID status?
Providing a clear rule on this is essential to ensure uniform behavior across different Authentic Sources when the Credential Issuer performs a full synchronization for a specific user.