Verify a Credential using OIDC Bridge

Table of Contents

Overview

OpenID Connect is a standard web authentication protocol that allows developers to manage user identities in a simple and interoperable manner. Its main purpose is to allow software clients to verify the identity of end-users and manage a basic profile associated with each user. We've developed a Platform Extension called OIDC Bridge that enables anyone to seamlessly adopt existing tools and frameworks around around OpenID Connect without inheriting some of the limitations that typically come with supporting legacy technology (the protocol was first introduced in 2014). It also puts users, or data subjects, back in control of their data while remaining technically interoperable with the OIDC protocol. An issuing authority is able to leverage OIDC Bridge to deliver credentials containing verifiable data to the end-user. At the same time, users are now able to store and manage credentials they have received in their own Mobile Wallet, and they can create verifiable presentations of that data upon request. Verifiers who need to establish the identity of their users can communicate what information they need to obtain from a user's credentials and then validate the presentations they receive, authenticating users upon success according to the OIDC protocol.

Steps

To get started verifying credentials using OIDC Bridge, check out the following tutorials:

  1. Create a Request Template - A Presentation Request Template defines which credentials are required for presentation. This is used to create the actual Presentation Request, which is used by the Mobile Wallet to select which credential it should send.
  2. Configure a Client - OIDC Clients initiate the Authorization Code Flow with the Authorization Request, which prompts the platform to create the Presentation Request.
  3. Manually Verify a Credential - The Mobile Wallet must process the Presentation Request to provide a Credential Presentation. This step performs the validation required to establish integrity and authenticity of a Credential Presentation.