Skip to content

Sphereon-Opensource/OID4VCI

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

746 Commits

.github/workflows

.github/workflows

 
 

docs

docs

 
 

packages

packages

 
 

.eslintrc.json

.eslintrc.json

 
 

.gitignore

.gitignore

 
 

.prettierignore

.prettierignore

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

jest.json

jest.json

 
 

lerna.json

lerna.json

 
 

package.json

package.json

 
 

pnpm-lock.yaml

pnpm-lock.yaml

 
 

pnpm-workspace.yaml

pnpm-workspace.yaml

 
 

Repository files navigation


Sphereon
OpenID for Verifiable Credential Issuance - Client and Issuer

CI codecov NPM Version

IMPORTANT the packages are still in an early development stage, which means that breaking changes are to be expected

Background

This is a mono-repository with a client and issuer pacakge to request and receive Verifiable Credentials using the OpenID for Verifiable Credential Issuance ( OpenID4VCI) specification for receiving Verifiable Credentials as a holder/subject.

OpenID4VCI defines an API designated as Credential Endpoint that is used to issue verifiable credentials and corresponding OAuth 2.0 based authorization mechanisms (see [RFC6749]) that a Wallet uses to obtain authorization to receive verifiable credentials. W3C formats as well as other Credential formats are supported. This allows existing OAuth 2.0 deployments and OpenID Connect OPs (see [OpenID.Core]) to extend their service and become Credential Issuers. It also allows new applications built using Verifiable Credentials to utilize OAuth 2.0 as an integration and interoperability layer. This package provides holder/wallet support to interact with OpenID4VCI capable Issuer systems.

In addition to the client and issuer, there is also a common package, which has all the types and payloads shared between the client and issuer.

Packages

There are 2 main packages in this mono-repository

OpenID for VCI Client

The OpenID4VCI client is typically used in wallet type of applications, where the user is receiving the credential(s). More info can be found in the client README

OpenID for VCI Issuer

The OpenID4VCI issuer is used in issuer type applications, where an organization is issuing the credential(s). More info can be found in the issuer README. Please note that the Issuer is a library. It has some examples on how to run it with REST endpoints. If you are however looking for a full solution we suggest our SSI SDK or the demo

Flows

The spec lists 2 flows:

Authorized Code Flow

This flow is supported but might need more work, so you might run into issues trying to use it.

Pre-authorized Code Flow

The pre-authorized code flow assumes that the user is using an out of bound mechanism outside the issuance flow to authenticate first.

The below diagram shows the steps involved in the pre-authorized code flow. Note that inner wallet functionalities (like saving VCs) are out of scope for this library. Also This library doesn't include any functionalities of a VC Issuer Flow diagram

About

OpenID for Verifiable Credential Issuance - client and issuer library

Topics

oauth2 ssi openid verifiable-credentials oid4vci oidc4vci openid4vci

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

53 stars

Watchers

7 watching

Forks

15 forks
Report repository

Releases 19

v0.10.3 Latest
Apr 25, 2024
+ 18 releases

Contributors 14

Languages