Set up an OpenID Provider

Introduction

VII Extensions, including the OIDC Bridge, allow customers to augment their existing identity management infrastructure. Using the OIDC Bridge, an OIDC Credential Issuer can be configured to use an existing OIDC Provider to authenticate users and supply the information needed to generate verifiable credentials and make them available to an end user's digital wallet. If you are unfamiliar with OpenID Connect (OIDC), there are many excellent guides available online.

To offer your first Verifiable Credential, you must first configure a standard OpenID Provider (OP) that will be used as a federated provider by the OIDC Bridge.

OpenID Providers

You can use any OpenID Provider as long as it supports the following capabilities specified by OpenID Connect Core and OpenID Connect Discovery:

  • Must publish the OpenID Provider configuration at /.well-known/openid-configuration.

  • Must support Authorization Code flow.

  • Must support the state parameter.

These are required to allow the OIDC Bridge to federate out to your OP and accept an ID Token containing the end user's claims.

Refer to one of the following guides to set up your selected OpenID Provider:

After you set up your selected provider, make sure you test it before continuing to set up an OIDC Issuer.
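
One way to test the three requirements listed above before moving on is shown here. This is an added example, not part of the OIDC Bridge or its documentation; the issuer `https://op.example.com`, the sample configuration document, the callback URL and the function names are all constructed for illustration. Because the `state` parameter is not advertised in the provider configuration, it is checked against the redirect from a real authorization request.

```python
import json
from urllib.parse import urlsplit, parse_qs

ISSUER = "https://op.example.com"  # constructed placeholder issuer
# Constructed sample of a provider configuration document.
SAMPLE_METADATA = json.loads("""{
  "issuer": "https://op.example.com",
  "authorization_endpoint": "https://op.example.com/authorize",
  "token_endpoint": "https://op.example.com/token",
  "jwks_uri": "https://op.example.com/jwks",
  "response_types_supported": ["code", "id_token"]
}""")

def discovery_url(issuer):
    """Location where OpenID Connect Discovery publishes the configuration."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def check_op_metadata(issuer, metadata):
    """Return a list of problems found in an OP configuration document."""
    problems = []
    # Discovery requires the issuer value to equal the one it was fetched for.
    if metadata.get("issuer") != issuer:
        problems.append("issuer mismatch")
    for field in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        if urlsplit(metadata.get(field, "")).scheme != "https":
            problems.append(f"{field} missing or not https")
    # Authorization Code flow: response type "code" plus the matching grant.
    if "code" not in metadata.get("response_types_supported", []):
        problems.append("response type 'code' not supported")
    # grant_types_supported is optional; Discovery defines this default.
    grants = metadata.get("grant_types_supported",
                          ["authorization_code", "implicit"])
    if "authorization_code" not in grants:
        problems.append("grant type 'authorization_code' not supported")
    return problems

def state_round_trips(sent_state, callback_url):
    """True if the OP returned exactly the state value that was sent."""
    returned = parse_qs(urlsplit(callback_url).query).get("state", [])
    return returned == [sent_state]

if __name__ == "__main__":
    print("fetch:", discovery_url(ISSUER))
    print("problems:", check_op_metadata(ISSUER, SAMPLE_METADATA))
```

In practice, load the JSON returned from `discovery_url(...)` for your own issuer instead of `SAMPLE_METADATA`, and pass the URL your test client was redirected to into `state_round_trips`.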