Authenticating client applications using an identity fabric blockchain
US-11714894-B2 · Aug 1, 2023 · US
US12021868B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12021868-B2 |
| Application number | US-202217710220-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 31, 2022 |
| Priority date | Mar 31, 2022 |
| Publication date | Jun 25, 2024 |
| Grant date | Jun 25, 2024 |
Official abstract text for this publication.
A digital wallet generates an identification value associated with a DID of a DID owner. The digital wallet generates a first request including the identification value for an authentication token from an identification provider. The first request is provided to the identification provider. The digital wallet receives, in response to the identification provider validating the first request, the authentication token that authenticates the digital wallet with a verifiable claim issuer including the identification value from the identification provider. The digital wallet generates a second request for one or more verifiable claims from the verifiable claim issuer. The second request includes the DID and authentication token including the identification value. In response to the verifiable claim issuer validating the authentication token and the identification value, one or more verifiable claims from the verifiable claim issuer are received by the digital wallet.
Opening claim text (preview).
What is claimed is:

1. A computing system of a digital wallet for receiving an authentication token from an identity provider, the authentication token being used by the computing system in a request for one or more verifiable claims from a verifiable claim issuer so that the computing system can be validated by the verifiable claim issuer, the computing system being associated with a Decentralized Identifier (DID) that is backed by a distributed ledger, the computing system comprising: one or more processors; and one or more computer-readable storage media having thereon computer-executable instructions that are structured such that, when executed by the one or more processors, cause the computing system to: generate an identification value associated with a DID of a DID owner; generate a first request for an authentication token from an identification provider, the authentication token being configured to authenticate the computing system with a verifiable claim issuer, the first request including the identification value; provide the first request to the identification provider; receive, in response to the identification provider validating the first request, the authentication token including the identification value from the identification provider; generate a second request for one or more verifiable claims from the verifiable claim issuer, the second request including the DID and authentication token including the identification value; and receive, in response to the verifiable claim issuer validating the authentication token and the identification value, the one or more verifiable claims from the verifiable claim issuer.

2. The computing system of claim 1, wherein the identification value is a random number or hash value that is signed using a private key associated with the DID, the private key having an associated public key that is accessible via a distributed ledger.

3. The computing system of claim 2, wherein the associated public key is accessible by accessing a DID document associated with the DID that is tied to the distributed ledger.

4. The computing system of claim 1, wherein the identification value is a hash of the DID.

5. The computing system of claim 1, wherein the identification value comprises the DID.

6. The computing system of claim 1, wherein the first request includes identification information related to the DID owner and information requesting the authentication token.

7. The computing system of claim 1, wherein the authentication token includes one or more authentication proofs that are generated by the identity provider.

8. The computing system of claim 1, wherein the authentication token is cryptographically signed by the identity provider.

9. The computing system of claim 1, wherein the second request includes information specifying one or more verifiable claims that the DID owner desires to receive from the verifiable claim issuer.

10. The computing system of claim 1, wherein the second request is cryptographically signed using the private key that was used to generate the identification value.

11. The computing system of claim 1, wherein the one or more verifiable claims received from the verifiable claim issuer are stored at the computing system and/or stored at an identity hub owned by the DID owner.

12. A computing system of an identity provider for generating an authentication token for use by a digital wallet in a request for one or more verifiable claims from a verifiable claim issuer so that the digital wallet can be validated by the verifiable claim issuer, the digital wallet being associated with a Decentralized Identifier (DID) that is backed by a distributed ledger, the computing system comprising: one or more processors; and one or more computer-readable storage media having thereon computer-executable instructions that are structured such that, when executed by the one or more processors, cause the computing system to: receive an authentication request for an authentication token from a digital wallet that is associated with a DID of a DID owner, the authentication token being configured to authenticate the digital wallet with a verifiable claim issuer, the authentication request including an identification value associated with the DID that was generated by the digital wallet; validate the authentication request; in response to validating the authentication request, generate the authentication token including the identification value; and provide the authentication token to the digital wallet.

13. The computing system of claim 12, wherein the authentication request includes identification information related to the DID owner and information requesting the authentication token.

14. The computing system of claim 12, wherein the authentication token includes one or more authentication proofs that are generated by the computing system.

15. The computing system of claim 12, wherein the authentication token is cryptographically signed by the computing system.

16. The computing system of claim 12, wherein the computing system includes the identification value with the authentication token without decrypting the identification value.

17. A computing system of a verifiable claim issuer for providing one or more verifiable claims to a digital wallet, the computing system receiving an authentication token issued by an identity provider that validates that the digital wallet is authorized to receive the one or more verifiable claims, the digital wallet being associated with a Decentralized Identifier (DID) that is backed by a distributed ledger, the computing system comprising: one or more processors; and one or more computer-readable storage media having thereon computer-executable instructions that are structured such that, when executed by the one or more processors, cause the computing system to: receive a request for one or more verifiable claims from a digital wallet that is associated with a DID of a DID owner, the request including the DID and an authentication token generated by an identity provider, the authentication token including an identification value that was generated by the digital wallet and that is bound to the DID; validate the authentication token to ensure that the authentication token was issued by the identity provider; validate the identification value; and in response to validating the authentication token and the identification value, provide the one or more verifiable claims to the digital wallet.

18. The computing system of claim 17, wherein the identification value is a random number or hash value that is signed using a private key associated with the DID, wherein validating the identification token comprises using a public key that is associated with the private key and this is accessible via a distributed ledger.

19. The computing system of claim 17, wherein the identification value is a hash of the DID, wherein validating the identification value comprises determining that the hash of the DID comprising the ID value matches a hash of the DID.

20. The computing system of claim 17, wherein the identification value is a the DID, wherein validating the identification value comprises determining that the DID comprising the ID value matches the DID.
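
The flow in the abstract, in the variant where the identification value is a hash of the DID (claims 4 and 19), sketched as an added example that is not taken from the patent. HMAC with a shared key stands in for the identity provider's signature, and the key, DIDs and token field names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Assumption: constructed key; HMAC stands in for the IdP's real signature scheme.
IDP_KEY = b"constructed-idp-signing-key"


def identification_value(did: str) -> str:
    """Wallet: derive the identification value as a hash of the DID (claim 4)."""
    return hashlib.sha256(did.encode()).hexdigest()


def _sign(body: dict) -> str:
    """Signature over a canonical JSON encoding of the token body."""
    data = json.dumps(body, sort_keys=True).encode()
    return hmac.new(IDP_KEY, data, hashlib.sha256).hexdigest()


def idp_issue_token(id_value: str, subject: str) -> dict:
    """Identity provider: after validating the first request, embed the
    identification value unchanged in the token and sign the token."""
    body = {"sub": subject, "id_value": id_value}
    return {"body": body, "sig": _sign(body)}


def issuer_validate(did: str, token: dict) -> bool:
    """Claim issuer: accept the second request only if the token came from the
    IdP and its identification value matches the presented DID (claim 19)."""
    try:
        body, sig = token["body"], token["sig"]
        if not hmac.compare_digest(_sign(body), sig):
            return False  # not issued by the IdP, or altered after issuance
        return hmac.compare_digest(body["id_value"], identification_value(did))
    except (KeyError, TypeError):
        return False  # malformed token


if __name__ == "__main__":
    alice = "did:example:alice"  # constructed DIDs
    token = idp_issue_token(identification_value(alice), "alice@example.com")
    print("alice presents her token:   ", issuer_validate(alice, token))
    print("token presented by other DID:", issuer_validate("did:example:mallory", token))
```

The second check is what ties the token to one wallet: a validly signed token presented alongside a different DID is rejected.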
Encryption being effected by mechanical apparatus, e.g. rotating cams, switches, keytape punchers · CPC title
involving digital signatures · CPC title
using hash chains, e.g. blockchains or hash trees · CPC title
Protecting data integrity, e.g. using checksums, certificates or signatures · CPC title
by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity · CPC title