Use AgeKey redirect parameter create_requested
We've added a new query string parameter to the Use AgeKey flow redirect so you can support users who don't have an AgeKey yet without sending them back to choose a different verification method.
What's New
create_requested on Use AgeKey redirect
When a user starts the Use AgeKey flow but does not have an AgeKey, the AgeKey service can show a "use or create AgeKey" dialog. If the user chooses to create an AgeKey, they are now redirected to your redirect_uri with a create_requested=true query parameter (and no id_token).
Your app can detect this and send the user to complete verification with another method (such as ID document scan). Once that verification succeeds, direct them to the Create AgeKey flow. They can then continue without having to go back and pick a different method from scratch.
Updated docs
- Using an AgeKey — flow overview, callback handling, and a table of redirect query parameters
- Use AgeKey API — response section now documents
create_requestedand the two redirect outcomes
How to handle it
On your Use AgeKey callback page, read the query string and branch on create_requested:
- If
create_requested=true, send the user to your verification flow so they can complete verification with another method (such as/verify). After successful verification, direct them to the Create AgeKey flow. - Otherwise, continue with
id_tokenvalidation as before.
No changes are required if you do not want to support this path; the parameter is only set when the user explicitly chooses to create an AgeKey from the dialog.