Condatis has developed a bridge that allows services already using OIDC to connect with holders of SSI wallets when requesting the data required to grant users access to their services.
Systems that accept consumer, customer or staff identities are readily available in corporations.
The bridge integrates digital wallets to federation sources without changing the underlying services.
To the service, the bridge looks like an identity provider, whereas to the digital wallet, the bridge looks just like another verifier.
Since the bridge codifies the enterprise’s trust framework, all the service has to do is call this new identity provider with a reference to the data it wants.
The figure below references a data model with a proof request template as well as an allowed values filter.
If you have any questions regarding the Condatis SSI OIDC Bridge, contact us on firstname.lastname@example.org
Multi SSI Stack
A significant advantage of the multi SSI stack model is that the SSI bridge interacts with the two primary SSI technology stacks currently in the community.
The bridge has a built-in agent for Hyperledger Aries using Evernym’s Verity product and supports the OIDC Self-Issued OpenID Provider (SIOP) protocol. This model allows holders to use an Aries-compatible wallet like Evernym’s Connect.Me, as well as Microsoft’s Authenticator app.
The Condatis SSI package
The OIDC bridge builds on the experience of Condatis’ team to abstract SSI technology and make it more usable and quicker to deploy. The OIDC bridge sits on top of the Condatis SSI Middleware, which orchestrates interoperability and abstracts the underlying protocol stacks.
Other modules in the Condatis SSI package that also build on the same middleware are:
Condatis SSI Issuer: the issuer allows simple issuing of verifiable credentials
Condatis SSI Verifier: the verifier allows verification based on a given proof request template
Condatis SSI Protocol Handshake Provider: this module makes it possible to offer either protocol to the consuming user and provides mediation between the Hyperledger Aries and OIDC SIOP protocol families
Features & Benefits
Bring Your Own Wallet (BYOW)
Interoperate with your existing systems
SSI credentials as OIDC claims
OIDC authentication as SSI proof requests
SSI proof responses as OIDC claims
Build on existing Azure infrastructure
Support the widest customer base, now and in the future
Interoperate with your relying party applications
Just on-board a new identity provider (SSI Bridge)
Minimise time to deploy: integrate in a sprint
Benefits to service providers
makes existing OIDC-based applications available to a wider audience without the need for recoding
removes the need for developer training in SSI protocols
provides access to new wallet vendors as soon as support by the bridge is released
enhances trust in returned data through cryptographic verification and dynamic revocation checking
Benefits to service users
supports multiple wallet vendors, giving end-users control over their choice of technology
maintains privacy by ensuring that only the minimum data required by the service provider is disclosed (e.g. meets age restriction without disclosing date of birth)
Unlock your business’ potential with Self-Sovereign Identity
Self-sovereign identity is a new and exciting identity paradigm. We can help you evaluate SSI technologies and where SSI fits in your business.