Verify a Credential using an OIDC Bridge

MATTR VII uses a presentation request flow to verify holder's data. Holders can view these presentation requests in their digital wallets and choose to respond with a verifiable presentation, created from the credentials they hold.

OpenID Connect is a standard web authentication protocol that allows developers to manage user identities in a simple and interoperable manner. Its main purpose is to allow software clients to verify the identity of end-users and manage a basic profile associated with each user.

OIDC Bridge is a MATTR VII extension that enables anyone to seamlessly adopt existing tools and frameworks around OpenID Connect without inheriting many of the limitations that typically come with supporting legacy technology (the protocol was first introduced in 2014). It also puts users, or data subjects, back in control of their data whilst remaining interoperable with the OIDC protocol.

Verifiers who need to establish the identity of their users can use existing systems to start an OIDC authentication flow with the OIDC Bridge. The extension uses Presentation Request Templates to communicate what information the Verifier needs to obtain from the Holder and then validates the presentations they receive, authenticating users upon success according to the OIDC protocol.

Verifying credentials using the OIDC Bridge comprises the following steps:

1. Setup an OIDC Verifier: An OIDC Credential Verifier kicks off the verification workflow.

2. Configure a Client: OIDC clients initiate the Authorization Code Flow with an OAuth2/OIDC Authorization Request, which prompts MATTR VII to create the Presentation Request.

3. Manually Verify a Credential: The digital wallet responds to the presentation request with a verifiable presentation. MATTR VII then performs the required validation to establish the integrity and authenticity of the data provided.