OIDC Bridge

Introduction

OIDC Bridge is an Extension to our Platform Core which leverages OpenID Connect. It provides a way for developers familiar with legacy identity systems to integrate powerful new digital trust capabilities into their existing applications and services. OpenID Connect (OIDC) is an authentication protocol built on top of the OAuth 2.0 standard. The purpose of OIDC is to define a standard way of requesting different forms of authentication from supported providers. As a protocol, it is already widely used by identity management solutions on the market today.

Extending the MATTR Platform with OpenID Connect

Though we believe firmly in the future of decentralized digital trust, we recognize that most developers and organizations are familiar with existing and proven technology for secure web identity, namely OpenID Connect. If you are unfamiliar with OIDC, there are many excellent guides available online. In short, OpenID Connect is a set of standards built on top of OAuth 2.0 to securely share identity information on the web. It is commonly used to authenticate end-users into web applications using a simple and lightweight process. This simplicity has largely led to its widespread adoption in many different domains.

We created a bridge to connect OIDC with the emerging decentralized web standards, making it simpler than ever to start using our platform and providing an upgrade path for those who have existing services with users they want to continue to support.

The MATTR Platform with OIDC Bridge combines technologies that enable decentralized digital trust with OpenID Connect, allowing end-users to securely log in to their existing OIDC-ready applications (e.g. Salesforce) using a DID on their MATTR Wallet App.

If you want to use OIDC Bridge to quickly get started with our digital trust platform, check out our Tutorials to get a step-by-step guide on configuring your tenant to use OpenID Connect. If you're looking for more detail, or simply want to use our Platform Core directly, please check out the API Reference docs here.

Usage

OIDC Bridge defines how a standard OpenID Connect Provider (OP) can be extended to support a new method of authentication leveraging Decentralized Identifiers (DIDs). Our Mobile Wallet complements the OP by including native support for this new method of authentication.

OIDC Bridge exposes the set of APIs needed to orchestrate solutions using OpenID Connect. These components are grouped into the following categories:

  • OIDC Authentication - authorization and token endpoints
  • OIDC Clients - CRUD for clients used to verify credentials
  • OIDC Providers - CRUD for providers used to issue credentials
  • OIDC Claim Mappings to JSON-LD - CRUD for mapping terms used by clients and providers in a credential