OpenID for Verifiable Credential Issuance - OID4VCI

Type: Standard

Description

OpenID for Verifiable Credential Issuance is a protocol specification that defines a standardized API for issuing verifiable credentials. It enables credential issuers to provide digital credentials to wallet applications in a secure, interoperable way using OAuth 2.0 as the underlying authorization framework.

The protocol supports multiple credential formats including SD-JWT VC, ISO mDL, and W3C Verifiable Credentials. It defines how wallets can discover issuers' capabilities, request credentials, and receive them through standardized endpoints.

Key features include:

  • Support for both issuer-initiated and wallet-initiated credential issuance flows
  • Multiple authorization flows including Authorization Code Flow and Pre-Authorized Code Flow
  • Cryptographic binding of credentials to holder keys
  • Deferred credential issuance for scenarios requiring background processing
  • Metadata discovery for issuer capabilities and credential types
  • Proof of possession mechanisms for key material

Technical Details:

  1. Purpose and Scope:
    • Defines an OAuth 2.0-protected API for verifiable credential issuance
    • Enables interoperable credential issuance across different credential formats
    • Supports both synchronous and asynchronous credential delivery
  2. Key Technical Specifications:
    • Endpoints:
      • credential_endpoint (required) for issuing credentials
      • nonce_endpoint (optional) for proof of possession
      • deferred_credential_endpoint (optional) for delayed issuance
      • notification_endpoint (optional) for status updates
  3. Implementation Requirements:
    • Must implement OAuth 2.0 authorization
    • Must support TLS for all endpoints
    • Must validate proof of possession for credential binding
    • Must implement metadata discovery mechanisms
  4. Security Considerations:
    • Requires secure key management
    • Implements replay prevention mechanisms
    • Enforces access token validation
    • Supports credential binding to prevent unauthorized use
  5. Interoperability Features:
    • Standardized metadata format
    • Common credential request/response formats
    • Support for multiple credential formats
    • Extensible proof types
  6. Current Status:
    • Active specification under development by the OpenID Foundation
    • Multiple implementations in progress
    • Growing adoption in digital identity ecosystems

The standard represents a crucial building block for interoperable digital credential ecosystems, enabling secure and standardized credential issuance across different platforms and credential formats.

Statistics

Projects Following: 23
