eSignet - Authentication Layer

eSignet provides a user-friendly and efficient method for individuals to authenticate themselves and a access online services. Serving as a dependable identity provider for relying party applications, it grants access to services without requiring additional login credentials. eSignet also provides a secure means of verifying an individual's identity against trusted identity providers, such as national identity databases, driver's license systems, passport systems, or other trusted sources. The level of assurance here is determined by the authentication factor employed. To know more about eSignet, click here.

Let's explore how eSignet integrates with Inji Web and provides authentication solutions for the download workflow as follows:

Download VC

The User navigates to the Home page of the Inji web application and selects an issuer and credential type
Next, the authentication page is displayed which is the interface provided by eSignet.
The user enters the required information, such as Policy Number, Name, and Date of Birth. Subsequently, the system gets redirected back to Mimoto to add a client_id and generate a key pair, initiating the request to download the credential
Once Mimoto provides the response with the client_id and key, the credential endpoint of the issuer is invoked to get the credentials

Credential endpoint

Once the access token is received via the token endpoint from eSignet, Mimoto invokes this endpoint to obtain the Verifiable Credential.

Note: The endpoint attribute is present in the issuer's well-known configuration.

VC Issuance endpoint

Once the access token is received via the token endpoint, Wallet should invoke this endpoint to get the verifiable credential.

POSThttps://esignet.collab.mosip.net/v1/esignet/vci/credential

Authorization

Body

format*enum

Format of the Credential to be issued.

ldp_vcjwt_vc_jsonjwt_vc_json-ld

proof*CredentialProof

JSON object containing proof of possession of the key material the issued Credential shall be bound to.

credential_definition*CredentialDefinition

JSON object containing (and isolating) the detailed description of the credential type. * This object MUST be processed using full JSON-LD processing. * It consists of the following sub claims: * @context: REQUIRED. JSON array * types: REQUIRED. JSON array. This claim contains the type values the Wallet shall request * in the subsequent Credential Request.

Response

Body

format*string

JSON string denoting the format of the issued Credential.

credential*objectstring

Contains issued Credential. MUST be present when acceptance_token is not returned. MAY be a JSON string or a JSON object, depending on the Credential format.

Request

Response

Last updated 6 months ago