Issue a Credential using OIDC Bridge

Table of Contents

Overview

OpenID Connect is a standard web authentication protocol that allows developers to manage user identities in a simple and interoperable manner. Its main purpose is to allow software clients to verify the identity of end-users and manage a basic profile associated with each user. We've developed a Platform Extension called OIDC Bridge that enables anyone to seamlessly adopt existing tools and frameworks around around OpenID Connect without inheriting some of the limitations that typically come with supporting legacy technology (the protocol was first introduced in 2014). It also puts users, or data subjects, back in control of their data while remaining technically interoperable with the OIDC protocol. An issuing authority is able to leverage OIDC Bridge to deliver credentials containing verifiable data to the end-user. At the same time, users are now able to store and manage credentials they have received in their own Mobile Wallet, and they can create verifiable presentations of that data upon request. Verifiers who need to establish the identity of their users can communicate what information they need to obtain from a user's credentials and then validate the presentations they receive, authenticating users upon success according to the OIDC protocol.

Steps

To get started issuing credentials using OIDC Bridge, check out the following tutorials:

  1. Setup an OpenID Provider - An OpenID Provider is an externalized service which provides federated identity management on behalf of the user.
  2. Setup Claim Mappings - Claim Mappings ensure that all the claims you want to issue are defined, both in OpenID Connect as well as JSON-LD.
  3. Setup a Credential Offer - A Credential Offer kicks off the interaction required for an issuer to give a holder a credential.