The Curity Identity Server is an enterprise identity and access management platform that provides OAuth 2.0 and OpenID Connect capabilities with support for Verifiable Credentials issuance. The platform implements the OpenID4VCI specification for issuing W3C Verifiable Credentials and SD-JWT VCs (Selective Disclosure JWT Verifiable Credentials).
The system's core features include multi-factor authentication, single sign-on, and API security through a modular architecture. For verifiable credentials, it supports both the jwt_vc_json format following the W3C Verifiable Credential Data Model 1.1 and the vc+sd-jwt format following the SD-JWT VC data model. Notable technical capabilities include DID method support for subject identification, credential schema validation, and integration with hardware security modules for key management.
The platform has gained significant adoption in the Nordic region, particularly among financial institutions and healthcare providers. Key implementations include ICA Gruppen (Swedish retail/banking), Region Jönköping County (healthcare), and Santander. The system is used to manage identity and access control across large distributed organizations while meeting regulatory requirements in sectors like healthcare and financial services. While the verifiable credentials functionality is currently marked as experimental, the core identity management capabilities are used in production by enterprise customers.
If you are featured in the Web of Trust Map and wish to exercise your GDPR rights, including the right to be forgotten, visit the privacy policy page