OIDC Bridge

Introduction

OIDC Bridge is an issuance extension of MATTR VII which leverages OpenID Connect. It provides a way for developers familiar with legacy identity systems to integrate digital trust capabilities into their existing applications and services. OpenID Connect (OIDC) is an authentication protocol built on top of the OAuth 2.0 standard. The purpose of OIDC is to define a standard way of requesting different forms of authentication from supported providers. As a protocol, it is already widely used by identity management solutions on the market today.

Extending MATTR VII with OpenID Connect

Though we believe firmly in the future of decentralised digital trust, we recognize the fact that most developers and organisations are familiar with existing and proven technology for secure web identity, namely OpenID Connect. If you are unfamiliar with OIDC, there are many excellent guides available online. In short, OpenID Connect is a set of standards built on top of OAuth 2.0 to securely share identity information on the web. It is commonly used to authenticate end-users into web applications using a simple and lightweight process. This simplicity has largely led to its widespread adoption in many different domains.

We created a bridge to connect OIDC with emerging decentralized web standards, making it simpler than ever to start using MATTR VII and providing an upgrade path for those users who have existing services with users they want to continue to support.

MATTR VII with the OIDC Bridge combines technologies that enable decentralized digital trust with OpenID Connect, allowing end-users to securely log in to their existing OIDC-ready applications (e.g. Salesforce) using a DID on their MATTR Wallet app.

If you want to use OIDC Bridge to quickly get started with our digital trust platform, check out our tutorials for a step-by-step guide on configuring your tenant to use OpenID Connect. If you’re looking for more detail, or simply want to use MATTR VII Core directly, please check out the API Reference docs.

Usage

OIDC Bridge defines how a standard OpenID Connect Provider (OP) can be extended to support a new method of authentication leveraging decentralized identifiers (DIDs) and verifiable credentials (VCs). Our mobile wallet complements the OP by including native support for this new method of authentication.

OIDC Bridge exposes the set of APIs needed to orchestrate solutions using OpenID Connect. These components are grouped into the following categories:

  • OIDC Credential Issuers — federated providers for issuing credentials to end-users

  • OIDC Credential Verifiers — federated providers for verifying credentials presented by end-users