This directory contains Architecture Decision Records (ADRs) for QAuth.
An ADR is a document that captures an important architectural decision made along with its context and consequences.
| ID | Title | Status | Date |
|---|---|---|---|
| 001 | JWT Key Management Strategy | Accepted | 2026-01-15 |
| 002 | Identifier Abstraction — Email as Credential, Not Identity | Accepted | 2026-03-11 |
| 003 | CredentialProvider Abstraction for Authentication Methods | Accepted | 2026-03-11 |
| 004 | Wallet-Agnostic VC Federation via SIOPv2/OID4VP | Accepted | 2026-03-11 |
| 005 | Post-Quantum Cryptography — Hybrid Signing Roadmap | Accepted | 2026-03-18 |
| 006 | OAuth Grants — client_credentials, client_secret_basic, and aud Claim |
Accepted | 2026-04-16 |
When creating a new ADR:
- Copy the template below
- Name the file
NNN-short-title.md(e.g.,002-database-strategy.md) - Fill in the sections
- Update this index
# ADR-NNN: Title
**Status:** Proposed | Accepted | Deprecated | Superseded
**Date:** YYYY-MM-DD
**Authors:** Names
## Context
What is the issue that we're seeing that is motivating this decision?
## Decision
What is the change that we're proposing and/or doing?
## Consequences
What becomes easier or more difficult to do because of this change?
### Positive
### Negative
### Neutral
## Related
Links to related ADRs, RFCs, or issues.