Build your Remote Verifier

Overview

This is a Web application (Backend Restful service) that acts as a Verifier/RP trusted end-point that implements OpenId4VP (1.0) protocol. This backend service is accompanied by a Web UI application

Application exposes two APIs

• Verifier API.
• Wallet API.

The Verifier API, supports two operations:

• Initialize Transaction, where Verifier may define whether it wants to request a SIOP or OpenID4VP or combined request
• Get Wallet response, where Verifier receives a vp_token, or an error

An Open API v3 specification of these operations is available here.

The Wallet API, provides the following main operations

• Get Request Object according JWT Secured Authorization Request.
• Direct Post according to OpenID4VP direct_post.

Please note that

• Both APIs need to be exposed over HTTPS.
• Verifier API needs to be protected to allow only authorized access.

Both of those concerns have not been tackled by the current version of the application, since in its current version is merely a development tool, rather a production application.