Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
This section offers an overview of the architecture and technologies utilized in Inji Web, ensuring compatibility, security, and efficiency in the management of Verifiable Credentials.
Inji Web is an intuitive, user-friendly portal designed to helps users to access Verifiable Credentials.
The architecture diagram below illustrates the structure and components of Inji Web, offering a detailed explanation of how the platform operates and how its various elements interact to deliver its features and functionality.
Let's briefly explore the key components of the architecture that constitute Inji Web:
Inji Web: A React-based, user-friendly web portal that allows users to easily download Verifiable Credentials.
Backend for Frontend (BFF): Mimoto acts as the BFF layer for Inji Web, managing both authentication and credential requests. It processes authentication through eSignet for secure user authorization and token issuance, while handling credential issuance requests via Certify.
Authentication Layer: eSignet handles the authentication process, authorizing users, issuing access tokens, and preparing credentials by retrieving necessary data from the credential issuer.
Credential Issuer: Any credential issuer that supports the OpenID4VCI protocol can be listed as a trusted issuer. These issuers provide the user data required for creating and downloading Verifiable Credentials.
Durian: Durian provides persistent storage for Verifiable Credentials, allowing them to be securely stored and accessed later.
Mimoto serves as a Backend for Frontend (BFF) for Inji Web, handling retrieval of default configurations and downloading VCs. It offers essential APIs to Inji Web, facilitates validations, and forwards requests to relevant services.
To support credential issuance from any issuer compatible with the OpenID4VCI protocol, Mimoto must be onboarded as an OIDC client. Refer for more details on how to onboard Mimoto (BFF) as an OIDC client.
Detailed API documentation for Mimoto is accessible .
Configuration details to set up a new provider that can issue VC, can be found in the mimoto-issuers-config.json
property file. Refer to of Collab environment.
In mimoto-issuers-config.json
, new providers can be added as per the well-known schema.
Fetch Issuers:
Fetch Issuer's Configuration:
Download PDF:
Fetch Issuer Credentials:
This API fetches the list of Credential Types offered by the issuer, sourced from the well-known configuration of the issuer. Users can filter credentials based on search parameter.
https://api.collab.mosip.net/v1/mimoto/issuers/{issuer-id}/.well-known
Method Type: GET
Parameter:
issuerid: ID of the issuer in string type.
Response
Response code 200
The following section aims to outline the necessary configuration files required for seamless operation and customization of Inji Web and Mimoto:
repo contains all the necessary configurations for the Inji Stack.
Below property files define the configurations for default properties which are consumed by Inji Web.
inji-default.properties - Default Configuration for Inji Web App is provided here
credential-template.html - PDF Template for Inji Web Credential Download is available here
acts as a BFF layer for both Web and the Wallet. Below mentioned property files define the configurations of default properties which are consumed by Mimoto.
mimoto-default.properties - Contains default Configuration for Mimoto
mimoto-issuers-config.json - Issuers related configuration are provided here.
eSignet provides a user-friendly and efficient method for individuals to authenticate themselves and a access online services. Serving as a dependable identity provider for relying party applications, it grants access to services without requiring additional login credentials. eSignet also provides a secure means of verifying an individual's identity against trusted identity providers, such as national identity databases, driver's license systems, passport systems, or other trusted sources. The level of assurance here is determined by the authentication factor employed. To know more about eSignet, click here.
Let's explore how eSignet integrates with Inji Web and provides authentication solutions for the download workflow as follows:
The User navigates to the Home page of the Inji web application
and selects an issuer and credential type
Next, the authentication page is displayed which is the interface provided by eSignet.
The user enters the required information, such as Policy Number, Name, and Date of Birth. Subsequently, the system gets redirected back to Mimoto to add a client_id and generate a key pair, initiating the request to download the credential
Once Mimoto provides the response with the client_id and key, the credential endpoint of the issuer is invoked to get the credentials
Once the access token is received via the token endpoint from eSignet, Mimoto invokes this endpoint to obtain the Verifiable Credential.
Note: The endpoint attribute is present in the issuer's well-known configuration.
Mimoto
eSignet
Inji Web is currently compatible and certified with the following browsers:
Sl. No. | Browser | Version |
---|---|---|
1.
Google Chrome
103.0.5060.114 and above
2.
Mozilla Firefox
100.0 and above
3.
Microsoft Edge
104.0.1293.47 and above
4.
Mac Safari
14.1 and above
18.2v | React enables building user interfaces from individual units called components. |
4.9.5 | A strongly typed programming language that builds on JavaScript and uses type inference to give great tooling without additional code. |
3.4.3 | A utility-first CSS framework that streamlines web development by providing a set of pre-designed utility classes for rapid styling without writing custom CSS, promoting consistency and scalabilitystrong>. |
14.2.1 | The |
29.7.0 | Jest is a well-known JavaScript testing framework and is extensively used to test React applications |
20.4 and above | Docker is a set of platform as a service (PaaS) products that use OS-level virtualization to deliver software in packages called containers. |
npm is the package manager for the Node JavaScript platform. It puts modules in place so that node can find them, and manages dependency conflicts intelligently |
depends on Inji-web version | Helm helps in managing Kubernetes applications - helps define, install, and upgrade even the most complex Kubernetes application. Charts are easy to create, version, share, and publish — so start using Helm and stop the copy-and-paste. |
This API is responsible for generating PDFs for the received VC content. It fetches display properties from the well-known configuration of the issuer and incorporates them into the predefined template of the PDF file.
OK
This API provides data with search capability to populate the list of supported issuers in Inji Web, which is then displayed under the List of Issuers
OK
This API provides the complete configuration details for the specific issuers passed in the path variable
OK
Once the access token is received via the token endpoint, Wallet should invoke this endpoint to get the verifiable credential.
Format of the Credential to be issued.
JSON object containing proof of possession of the key material the issued Credential shall be bound to.
The proof object MUST contain a proof_type claim of type JSON string denoting the concrete proof type.
When proof_type is jwt, a proof object MUST include a jwt claim
When proof_type is cwt, a proof object MUST include a cwt claim
JSON object containing (and isolating) the detailed description of the credential type. * This object MUST be processed using full JSON-LD processing. * It consists of the following sub claims: * @context: REQUIRED. JSON array * types: REQUIRED. JSON array. This claim contains the type values the Wallet shall request * in the subsequent Credential Request.
OK
JSON string denoting the format of the issued Credential.
Contains issued Credential. MUST be present when acceptance_token is not returned. MAY be a JSON string or a JSON object, depending on the Credential format.