Issue a Credential using OIDC Bridge

Introduction

This guide will step through how to issue a credential to the MATTR Mobile Wallet App once the MATTR tenant has been configured for Verifiable Credential issuance using an OpenID Connect Provider.

Prerequisites

You need the following in order to proceed with this tutorial:

If you’re experiencing any difficulties please contact us.

Configure Auth0 OIDC Provider

Open your Auth0 application and navigate to the ‘Settings’ tab.

Update the ‘Allowed Callback URLs’ to include your MATTR issuer URL.

https://tenant.platform.mattr.global/oidc/v1/issuers/983c0a86-204f-4431-9371-f5a22e506599/federated/callback

Embed in a QR Code

A common way to reference the issuer is to encode the openid:// URL within a QR code.

openid://discovery?issuer=https://tenant.platform.mattr.global/oidc/v1/issuers/983c0a86-204f-4431-9371-f5a22e506599

Remember the issuer is long-lived and can be referenced by many clients. You could even print out the QR code.

There are many QR generation services available which may be useful at this point:

MATTR is not affiliated with any of these service providers and cannot vouch for their offerings.

Make sure to make the QR a decent size to be resolvable by a phone camera, 200px square is a fine.

Let’s use an API service to generate the QR code:

https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=openid://discovery?issuer=https://tenant.platform.mattr.global/oidc/v1/issuers/983c0a86-204f-4431-9371-f5a22e506599

Try it out

At this point you should be able to open the MATTR Wallet app, go to ‘scan’, and then point the camera at the QR code.

You should see the credential displayed for you to Accept or Decline.

The issued credential will support revocation. For more information please see the credential revocation overview.

The issued credential will not be held in a registry. For more information please see Hold a Credential in a Registry.

The tag in the credential metadata will be set to the sub value of the ID token of the federated provider.

Troubleshooting

You may encounter some technical difficulties while running this tutorial. Below are a few common problems and their solutions.

The App opens but refuses to show the credential being offered

  • Check that you have encoded the issuerId correctly in the QR
  • Your phone will need public internet access. Check it can access common websites.
  • Check that you can open the exact URL embedded in the code

Scanning the QR code using the phone’s camera doesn’t open the app (opens Google search or tries to load in the browser and fails)

  • Make sure you have the MATTR Mobile Wallet app set up with a PIN
  • Make sure the QR is large enough to be read by your phone; try creating a larger QR Code (say 300 x 300 px)