Understanding the workflow:
The workflow for credential issuance in the described scenario can be summarized as follows:
Initiation of Credential Request:
The identity owner (user) begins the credential request process by accessing the service's landing page.
Authentication Process:
The user is directed to an authentication page managed by a backend system that implements OpenID Connect (OIDC).
The user's personally identifiable information (PII) is sent to the authentication layer for verification against the identity registry.
Issuance of Authentication Code:
Upon successful verification, the authentication layer generates an authentication code. This code is typically valid for a single use and is provided to third-party web services.
Token Retrieval:
The third-party web service retrieves an access token using the authentication code received from eSignet.
Passing the Access Token to Certify Service:
The access token obtained from the third-party web service is passed to the Certify service.
Credential Issuance:
Certify service verifies the access token to ensure its validity.
Once verified, Certify uses its credential service to issue the requested credential.
The issued credential is then passed back to the identity owner (user) through the appropriate channels, completing the credential issuance process.
Note: The authentication layer, we will take an example here as eSignet, to have a better understanding of the workflow and this facilitates secure verification of user identities through a robust backend implementing OpenID Connect.
This workflow ensures that the credential issuance process is secure and follows best practices for identity verification and token management. It leverages OpenID Connect for authentication, integrates with eSignet for identity verification, and utilizes access tokens to facilitate secure communication between services. By following this structured approach, Inji Certify ensures that credentials are issued reliably and securely to authorized identity owners.
Currently, Inji Certify offers the following features:
Credential Issuance
Verifiable Credential Issuance: Enables issuers to seamlessly issue verifiable credentials using the Inji Certify core component (This eSignet VCI segregated to Inji Certify)
Integration Capabilities: Supports integration with:
MOSIP Identity Plugin for identity verification.
Sunbird Plugin for seamless integration with Sunbird services.
Mock IDA Plugin for testing and development purposes.
Multiple Credential Schemas: Allows configuration of multiple credential schemas for various certificate types.
JSON-LD Format: Generates certificates compliant with W3C VC v1.1 standards in JSON-LD format, ensuring interoperability and compatibility.
Ease of Installation
Streamlined Setup: Simplifies installation with a single shell startup script connecting Docker-compose scripts.
Helm Support: Provides Helm support for deployment flexibility.
User-Friendly: Emphasizes ease of use, reducing complexity and deployment time.
Inji Certify streamlines the issuance of verifiable credentials with robust integration capabilities and a straightforward installation process. It supports multiple credential schemas and ensures compliance with industry standards, making it a versatile solution for organizations needing secure and efficient credential management. Check Inji Certify Repository to explore these above features!
Inji Certify is a powerful tool that enables issuers to seamlessly connect with existing data sources to issue verifiable credentials. This Functional Overview provides an understanding of the key functionalities of Inji Certify’s first version. It serves as a versatile solution for both organizations and individuals looking to issue and manage digitally verifiable credentials efficiently. By connecting with existing databases and offering configurable credential schemas, it caters to diverse use cases across different sectors and industries.
The intended users of Inji Certify are divided into two main groups:
Educational Institutions: Such as universities, colleges, and training centers that need to issue academic certificates, diplomas, transcripts, and other educational credentials.
Employers: Companies and businesses that issue employment certificates, offer letters, salary slips, and letters of recommendation to employees.
Government Agencies: Entities that issue identity documents, licenses, permits, and other official certifications.
Professional Associations: Organizations that issue professional certifications, licenses, and endorsements for specific skills or achievements.
Streamlined Credential Issuance: Automates the process of issuing verifiable credentials, reducing manual work and administrative overhead.
Enhanced Security: Ensures that issued credentials are authentic and tamper-proof.
Interoperability: Supports industry standards, making credentials easily verifiable by other systems and platforms.
Educators: Tuition teachers, tutors, and trainers who need to issue certificates for completed courses, tests, or quizzes.
Employers: Small business owners and managers who issue personalized letters of recommendation or verification of employment.
Professionals: Freelancers, consultants, and other professionals who provide certifications or endorsements for skills, achievements, and project completions.
Empowerment: Allows individuals to create and manage verifiable credentials for various purposes, enhancing trust and credibility in their professional and personal interactions.
Ease of Use: Simplifies the process of generating and storing digital credentials.
Verification: Ensures that credentials issued by individuals are recognized as authentic and verifiable.
Inji Certify is designed to meet the needs of both organizations and individuals by providing a robust, secure, and easy-to-use platform for issuing and managing verifiable credentials. By supporting multiple data formats and integrating seamlessly with existing databases, Inji Certify caters to diverse use cases across various sectors and industries.
Verifiable Credential Issuance: Seamlessly issues verifiable credentials with enhanced integration capabilities, including:
MOSIP Identity Plugin: Integrates with MOSIP for identity verification.
Sunbird Plugin: Facilitates seamless integration with Sunbird services.
Mock IDA Plugin: Allows for testing and development purposes.
Ease of Installation: Utilizes Docker-compose scripts for quick deployment. Includes comprehensive documentation for efficient utilization of data registry plugins.
JSON-LD Support: Ensures compliance with W3C VC v1.1 standards, promoting interoperability and adherence to industry specifications.
Simplified Issuer Onboarding: Automates key generation and configuration to reduce manual steps for new issuers.
Pluggable Data Sources Support: Enables credential issuance directly from existing databases, enhancing efficiency and accessibility.
Revocation Mechanism: Introduces a robust method to revoke credentials when necessary, ensuring credential integrity.
Vault Integration: Enhances security and management of credentials with advanced vault integration capabilities.
SD-JWT Support: Strengthens security through enhanced token-based authentication and authorization capabilities.
Multi-tenancy: Supports multiple issuers on a single instance of Inji Certify, ensuring data segregation and security for diverse organizational needs.
