Here is a comprehensive summary of the features offered by Inji Web.

Download Verifiable Credentials (VC):

Inji Web's user-friendly interface simplifies the process of downloading your VCs as PDF files in four simple steps. Here’s how it works:

• Access the Inji web portal: Users can access the Inji Web Portal which is compatible with popular browsers such as Chrome, Firefox, Safari and Edge to mention a few

• Select Issuer and Credential: Users can easily choose an issuer from the provided list and select the credential type offered by the issuer

• Verification Process: Verification ensures that only authorized individuals can access and download the requested VCs. This adds an extra layer of security, preventing unauthorized access and ensuring that credentials are obtained only by the rightful owner

• Download Credential: Users can securely download and store their digital VCs in PDF format

For more detailed information on each step and the underlying systems, click here.

Store Verifiable Credentials (VC):

Inji Web provides users with a secure and reliable way to store Verifiable Credentials using Durian, a highly secure data storage solution. The downloaded credential is safely stored within the platform, ensuring they have access to it whenever needed via a QR Code. This secure storage feature guarantees that credentials are protected from unauthorized access while remaining accessible for future use.

The stored credentials are available anytime, enabling users to retrieve them quickly without having to repeat the download process. Whether for personal use or to meet credential presentation requests, Inji Web ensures your VCs are always securely stored and readily available.

For more detailed information on each step and the underlying systems, click here.

Share Verifiable Credentials (VC):

Inji Web makes it easy for users to share their Verifiable Credentials with service providers or organizations. Each downloaded credential includes a QR code embedded within the PDF, offering multiple ways to share it. Users can present the QR code in person by printing the PDF or upload the file directly to a verifier's website for remote verification.

For added convenience, Inji Web supports online sharing methods where users can respond to a verifier’s presentation request, allowing seamless sharing of the VC. This flexible sharing feature empowers users to share their credentials securely and effortlessly, adapting to different verification environments.

For more detailed information on each step and the underlying systems, click here.

What is Inji Web?

Inji Web, akin to the Inji Wallet, is a user-friendly web portal designed to facilitate the process of securely downloading, storing, managing and sharing Verifiable Credentials through a web interface. This easy-to-use platform enables users to access and store their credentials, ensuring confident presentation to service providers for verification and service access, with ease and reliability. Rooted by the principles of inclusivity, Inji Web endeavors to empower individuals to access benefits or services even without smartphones.

With its simple and intuitive interface, Inji Web offers features similar to the mobile wallet, catering to a variety of use cases. Whether you are a resident needing VCs for identity verification, a student seeking academic credentials, a professional verifying employment, or an organization enhancing business operations, Inji Web provides easy access to your credentials tailored to your specific needs.

By facilitating the issuance, verification and sharing of credentials in a secure and efficient manner, Inji Web plays a pivotal role in fostering trust amongst the service providers.

How does Inji web work?

• Users can simply visit the Inji web portal, where they can select an issuer from the list of trusted options and choose the desired credential for download

• To proceed, users are required to authenticate themselves by providing relevant information such as National ID, Registration Number, Name, Date of Birth, etc., enabling them to securely manage, store, and share the credential

• Upon successful validation, the Verifiable credential is promptly downloaded as a PDF, along with a QR code issued by the Issuer

• Once downloaded, users have the flexibility to share the Verifiable credential with relying parties either as a physical copy or by facilitating QR code scanning or uploading the PDF on the verifier site

• As we progress, additional features are planned to be seamlessly integrated into Inji Web

• Inji ensures the integrity of digital signatures provided by issuers for each ID before Verifiable Credentials are downloaded as PDFs within the system

• Furthermore, Inji Web is designed to be compatible with the OpenID protocol, offering the flexibility to onboard various Identity Providers (IdP). This empowers users with multiple options for Verifiable Credential (VC) issuers

Backend systems

Inji Web interacts with:

• Mimoto APIs for managing issuers details, facilitate VC download and generate PDF

• eSignet APIs for authentication

More on Inji Web:

To learn more about the Features provided by Inji Web, click here

For information on the Roadmap for Inji Web, click here.

This section offers an overview of the architecture and technologies utilized in Inji Web, ensuring compatibility, security, and efficiency in the management of Verifiable Credentials.

Verifiable Credentials (VCs) are digital equivalents of physical documents such as passports or licenses. They are digitally signed, ensuring they are tamper-resistant and can be instantly verified. Issued by trusted entities, VCs can be stored in digital wallet apps like Inji Wallet or downloaded as a PDF file by individuals using Inji Web, a smart web-based solution.

Below are the key features provided by Inji Web:

Download

With Inji Web, users can effortlessly select an issuer from a trusted list, verify their information, and download their Verifiable Credential in a convenient PDF format. This streamlined process ensures quick access to trusted credentials in just a few clicks.

Store

Inji Web also offers secure storage for Verifiable Credentials, providing users with the flexibility to access and present their credentials anytime, anywhere. This ensures that users are always prepared to share their credentials, whether they’re at home or on the go.

Share

Sharing credentials is made simple with Inji Web. The PDF version of the Verifiable Credential includes a QR code that can be shared with service providers either by presenting a printed copy, uploading the PDF to a verifier's website, or sharing it digitally through an online mechanism. This allows for quick and easy verification in response to any verifier’s presentation request, offering maximum convenience for users.

Manage (coming soon)

Users can view the downloaded credentials and access their activity logs for additional auditing purposes.

This document serves as a concise guide for end users, providing comprehensive step-by-step information on the features and functionalities offered by Inji Web.

Download of National ID VC as PDF

To download a National ID VC using eSignet as authentication layer (OTP method), please follow the below mentioned steps:

Step1: Launch the Inji Web application in your web browser.

Step2: Search for an issuer by name in Search box.

Step3: In the Home page, from the section, List of Issuers section, click on issuers' tile to land in Credential Types selection page.

Step4: Click on a Credential Type tile and authenticate in the eSignet page by providing the required details.

Note: All the fields are mandatory.

Step5: Credential is downloaded in the background and PDF will be generated and stored in the Downloads folder of the system.

Step6: Upon successful PDF generation, user can view the PDF of the downloaded VC (National ID).

Download of Insurance ID VC as PDF

To download a Insurance ID VC using eSignet as authentication layer (KBI method), please follow the below mentioned steps:

Step1: Launch the Inji Web application in your web browser.

Step2: Search for an issuer by name in Search box.

Step3: In the Home page, from the section, List of Issuers section, click on issuers' tile to land in Credential Types selection page.

Step4: In the Credentials Types selection page, choose a credential type from the List of Credentials section or Search for a credential type in the search box.

Step5: Click on a Credential Type tile and authenticate in the eSignet page by providing the required details.

Note: All the fields are mandatory.

Step5: Credential is downloaded in the background and PDF will be generated and stored in the Downloads folder of the system.

Step6: Upon successful PDF generation, user can view the PDF of the downloaded VC (Insurance ID).

Help

Help section can be accessed from any page of the application. You can find some FAQs as mentioned here.

Language Selection

Users can choose a different language from the options listed. Inji Web supports 3 International Language (English, French and Arabic) and 3 Indian Languages (Tamil, Hindi and Kannada).

Step1: Click on the dropdown next to the English.

Responsive Views

Inji Web is now responsive supporting a wide range of devices (Smartphones & Tablets) for the ease of use. Let's look at how the interface looks on a phone and a tablet.

Mobile devices

Tablet devices

Inji Web is an intuitive, user-friendly portal designed to helps users to access Verifiable Credentials.

The architecture diagram below illustrates the structure and components of Inji Web, offering a detailed explanation of how the platform operates and how its various elements interact to deliver its features and functionality.

Architecture Components

Let's briefly explore the key components of the architecture that constitute Inji Web:

1. Inji Web: A React-based, user-friendly web portal that allows users to easily download Verifiable Credentials.

2. Backend for Frontend (BFF): Mimoto acts as the BFF layer for Inji Web, managing both authentication and credential requests. It processes authentication through eSignet for secure user authorization and token issuance, while handling credential issuance requests via Certify.

3. Authentication Layer: eSignet handles the authentication process, authorizing users, issuing access tokens, and preparing credentials by retrieving necessary data from the credential issuer.

4. Credential Issuer: Any credential issuer that supports the OpenID4VCI protocol can be listed as a trusted issuer. These issuers provide the user data required for creating and downloading Verifiable Credentials.

5. Durian: Durian provides persistent storage for Verifiable Credentials, allowing them to be securely stored and accessed later.

The backend services section provides an in-depth overview of the backend components and functionalities of Inji Web. It offers insights into data management, authentication processes, and communication between the frontend and backend systems.

The following section aims to outline the necessary configuration files required for seamless operation and customization of Inji Web and Mimoto:

repo contains all the necessary configurations for the Inji Stack.

Inji Web:

Below property files define the configurations for default properties which are consumed by Inji Web.

• inji-default.properties - Default Configuration for Inji Web App is provided here

• credential-template.html - PDF Template for Inji Web Credential Download is available here

Mimoto:

acts as a BFF layer for both Web and the Wallet. Below mentioned property files define the configurations of default properties which are consumed by Mimoto.

• mimoto-default.properties - Contains default Configuration for Mimoto

• mimoto-issuers-config.json - Issuers related configuration are provided here.

This document outlines the workflow for key functionalities of Inji Web.

Download & Store Verifiable Credentials as PDF

The image below illustrates the workflow for the VC download process and explains the various components involved in this flow.

Reference Implementation: Download of Insurance VC (Veridonia Insurance) with as identification partner

Components

• Inji Web: A web application featuring an intuitive, user-friendly interface for easy VC downloads by the user

• Mimoto: The BFF (Backend for Frontend) for Inji Web, which retrieves default configurations and provides all necessary APIs to facilitate downloads. Mimoto receives requests from Inji, performs validations, and forwards them to respective services.

• eSignet: Inji Web showcases the VC download process using the OpenID4VCI method with eSignet. In this workflow, eSignet provides the authentication, authorization and credential issuance end points to connect to the credential provider

• Durian: A secure data storage solution integrated with Inji Web, used to store Verifiable Credentials securely. Durian ensures that the credentials are safely stored and readily accessible for users whenever needed, providing strong protection against unauthorized access.

Understanding the workflow

1. Accessing Inji Web:

   i. Users navigate to the Inji Web portal from their web browser

   ii. The portal features a user-friendly interface accessible to all

2. Choose an Issuer and credential type:

   i. Users can select an Issuer from the list of trusted issuers

   ii. Users can choose a credential type from the available options provided by the issuers

3. Authentication:

   i. In this reference implementation, the Insurance use case is demonstrated using Veridonia Insurance Credentials

   ii. Users are required to provide their Policy Number, Date of Birth, and Name for verification

   iii. The provided information is then verified against the issuer's records

4. Verifiable Credentials Storage:

   i. After successful verification, the Verifiable Credential is securely stored in Durian, the platform’s secure storage solution.

   ii. This ensures that users have reliable and convenient access to their credentials whenever needed, while maintaining strong protection against unauthorized access.

5. QR Code Generation:

   i. During the download process, after securely storing the Verifiable Credential, Inji Web generates a QR code that is embedded within the PDF of the Verifiable Credential.

   ii. Based on the set configuration as per the issuer, the QR Code will either contain a Verifiable Presentation request or an embedded Verifiable Credential.

   iii. The QR code facilitates easy sharing and verification of the credential by scanning it or uploading the PDF file to the verifier's system.

6. Credentials Download:

   i. Upon successful authentication, the Verifiable Credential is downloaded in PDF format.

   ii. The downloaded PDF, containing the QR code, is saved in the “Downloads” folder on the user’s device.

Share Verifiable Credentials as PDF

The image below illustrates the workflow for the VC Share process and explains the various components involved in this flow.

_Reference Implementation: Sharing of Insurance VC (Veridonia Insurance)

Components

• Inji Web: A web application featuring an intuitive, user-friendly interface for easy VC downloads by the user

• Inji Verify: Inji Verify is a powerful verification platform designed to authenticate and validate Verifiable Credentials (VCs). It allows users or organizations to scan QR codes or upload credential files for secure and efficient verification. Built with flexibility and compliance with OpenID standards, Inji Verify ensures seamless integration with trusted credential providers for smooth and reliable credential validation.

• Mimoto: The BFF (Backend for Frontend) for Inji Web, which retrieves default configurations and provides all necessary APIs to facilitate downloads. Mimoto receives requests from Inji, performs validations, and forwards them to respective services.

• Data Share: A secure data storage solution integrated with Inji Web, used to store Verifiable Credentials securely. Data Share ensures that the credentials are safely stored and readily accessible for users whenever needed, providing strong protection against unauthorized access.

Understanding the workflow

Downloading the Verifiable Credential:

i. The user accesses Inji Web to download the Verifiable Credential in PDF format, which contains an embedded QR code.

ii. The QR code is used for sharing and allows verifiers to easily verify the credential by scanning or uploading it.

Launching Inji Verify:

i. Once the user is ready to share their Verifiable Credential, they launch the Inji Verify platform.

ii. Inji Verify is where verifiers can either scan the QR code from a printed or digital PDF or upload the PDF containing the QR code.

Authorization and Verification Request:

i. After the user uploads the QR code to Inji Verify, the platform sends a request to Inji Web for authorization to access the user's credential data.

ii. Inji Web verifies the legitimacy of the verifier and proceeds to authorize the request.

Retrieving Verifiable Credential:

i. Once authorized, Inji Verify communicates with the Data Share component to retrieve the stored Verifiable Credential.

ii. Data Share securely provides the Verifiable Credential to Inji Verify.

Verification and Display:

i. Inji Verify checks the authenticity of the Verifiable Credential and confirms its validity.

ii. The user or verifier is then shown the verified Verifiable Credential, confirming that the sharing process was successful.

Inji Web is currently compatible and certified with the following browsers:

Mimoto serves as a Backend for Frontend (BFF) for Inji Web, handling retrieval of default configurations and downloading VCs. It offers essential APIs to Inji Web, facilitates validations, and forwards requests to relevant services.

To support credential issuance from any issuer compatible with the OpenID4VCI protocol, Mimoto must be onboarded as an OIDC client. Refer for more details on how to onboard Mimoto (BFF) as an OIDC client.

Detailed API documentation for Mimoto is accessible .

Mimoto endpoints used by Inji Web:

1. Fetch Issuers:

1. Fetch Issuer's Configuration:

1. Download PDF:

1. Fetch Issuer Credentials:

This API fetches the list of Credential Types offered by the issuer, sourced from the well-known configuration of the issuer. Users can filter credentials based on search parameter.

https://api.collab.mosip.net/v1/mimoto/issuers/{issuer-id}/.well-known

Method Type: GET

Parameter:

issuerid: ID of the issuer in string type.

Response

Response code 200

Version: 0.10.0

• Name: Inji Web 0.10.0

• Date: 16th October, 2024

• Release Notes

Version: 0.9.0

• Name: Inji Web 0.9.0

• Date: 29th June, 2024

• Release Notes

Version: 0.8.1

• Name: Inji Web 0.8.1 (Patch)

• Date: 22nd May, 2024

• Release Notes

Version: 0.8.0

• Name: Inji 0.8.0

• Date: 26th April, 2024

• Release Notes

eSignet provides a user-friendly and efficient method for individuals to authenticate themselves and a access online services. Serving as a dependable identity provider for relying party applications, it grants access to services without requiring additional login credentials. eSignet also provides a secure means of verifying an individual's identity against trusted identity providers, such as national identity databases, driver's license systems, passport systems, or other trusted sources. The level of assurance here is determined by the authentication factor employed. To know more about eSignet, click here.

Let's explore how eSignet integrates with Inji Web and provides authentication solutions for the download workflow as follows:

Download VC

• The User navigates to the Home page of the Inji web application and selects an issuer and credential type

• Next, the authentication page is displayed which is the interface provided by eSignet.

• The user enters the required information, such as Policy Number, Name, and Date of Birth. Subsequently, the system gets redirected back to Mimoto to add a client_id and generate a key pair, initiating the request to download the credential

• Once Mimoto provides the response with the client_id and key, the credential endpoint of the issuer is invoked to get the credentials

Credential endpoint

Once the access token is received via the token endpoint from eSignet, Mimoto invokes this endpoint to obtain the Verifiable Credential.

Note: The endpoint attribute is present in the issuer's well-known configuration.

Testing Scope

The scope of testing is to verify fitment to the specification from the perspective of

• Functionality

• Deploy ability

• Configurability

• Customizability

Verification is performed not only from the end user perspective but also from the System Integrator (SI) point of view. Hence Configurability and Extensibility of the software is also assessed. This ensures the readiness of software for use in multiple countries. MOSIP is an “API First” product platform.

Testing scope has been focused on the below features:

• Inji Web Home page

• Issuer selection in the “Home Page”

• Issuers support

• Localization support

• Login fail error message

• Motor Insurance credential

• Multi languages support

• PDF Generation and auto download

• PDF View

• Responsive view of the web

• Retrieve credential types

• Retrieve issuers list

• Search bar functionality

• Success/Failure notifier after downloading the VC PDF

• Theme update

• Authenticate user credentials

• Data in VC(PDF) Alignment

• Download Credential

• Download VC as PDF

• Error message when the website is down

Test Approach

Persona based approach has been adopted to perform the IV&V, by simulating test scenarios that resemble a real-time implementation.

A Persona is a fictional character/user profile created to represent a user type that might use a product/or a service in a similar way. Persona based testing is a software testing technique that puts software testers in the customer's shoes, assesses their needs from the software and thereby determines use cases/scenarios that the customers will execute. The persona needs may be addressed through any of the following.

• Functionality

• Deploy ability

• Configurability

• Customizability

The verification methods may differ based on how the need was addressed.

Verified configuration

Verification is performed on various configurations as mentioned below

Default configuration - with 6 Lang

• English

• French

• Arabic

• Hindi

• Tamil

• Kannada

Feature Health

Test execution statistics

Functional test results

Below are the test metrics by performing functional testing. The process followed was black box testing which based its test cases on the specifications of the software component under test. Functional test was performed in combination of individual module testing as well as integration testing. Test data were prepared in line with the user stories. Expected results were monitored by examining the user interface. The coverage includes GUI testing, System testing, End-To-End flows across multiple configurations. The testing cycle included simulation of multiple identity schema and respective UI schema configurations.

Here is the detailed breakdown of metrics for each module:

Detailed Test metrics

Below are the detailed test metrics by performing manual/automation testing. The project metrics are derived from Defect density, Test coverage, Test execution coverage, test tracking and efficiency.

The various metrics that assist in test tracking and efficiency are as follows:

• Passed Test Cases Coverage: It measures the percentage of passed test cases. (Number of passed tests / Total number of tests executed) x 100

• Failed Test Case Coverage: It measures the percentage of all the failed test cases. (Number of failed tests / Total number of test cases executed) x 100

Git hub link for the xls file:

<TBD>

Release Name: Inji Web 0.10.0

Support: Developer

Release Date: 16th October, 2024

Overview

We are pleased to announce the release of Inji Web Version 0.10.0! This release introduces exciting new features, including the effortless sharing of Verifiable Credentials via a QR code embedded directly within the credential PDF, making sharing smoother than ever! This feature empowers users to quickly share their credentials with service providers, ensuring a seamless and secure verification process in online mode.

Key highlights include:

• Online Sharing Feature: Introducing seamless online sharing of Verifiable Credentials through integration with Data Share and Inji Verify modules, ensuring quick and secure sharing between users and verifiers.

• Compliance with OpenID4VCI Draft 13: Full support for the Draft 13 changes of the OpenID4VCI specification, aligning Inji Web with the latest standards for Verifiable Credentials.

• Integration with Certify & eSignet: Streamlined credential issuance through Inji Certify and eSignet authentication, enabling smoother, secure interactions with trusted credential issuers.

Features Covered:

Below are the key features as part of this release:

• Online Sharing: Verifiable Credentials can now be easily shared online using the QR Code on the credential PDF. This feature is dependent on integrations with the Data Share and Inji Verify modules, ensuring a secure and convenient mechanism for sharing credentials.

• Draft 13 Changes for OpenID4VCI: Inji Web now adheres to the latest Draft 13 of the OpenID4VCI spec, making it fully compatible with the most recent standards in credential issuance and verification.

• Integration with Certify and eSignet:

  • Authentication: eSignet is integrated for user authentication, providing a robust and secure method to authenticate and authorize users in compliance with OpenID4VCI.

  • Credential Issuance: Inji Certify is responsible for issuing credentials by the new standards, ensuring a smooth issuance process after successful authentication.

Repositories Released:

Compatible Modules:

The following table outlines the tested and certified compatibility of Inji Web 0.10.0 with other modules.

Bugs/Security Fixes

Known Open Bugs

Below is the list of known issues. To read in detail click here.

Documentation

• Feature documentation

• User guide

• QA Report

• API Documentation

Testing Scope

The scope of testing is to verify fitment to the specification from the perspective of

• Functionality

• Deployability

• Configurability

• Customizability

Verification is performed not only from the end user perspective but also from the System Integrator (SI) point of view. Hence Configurability and Extensibility of the software is also assessed. This ensures readiness of software for use in multiple countries. Since MOSIP is an “API First” product platform.

Testing scope has been focused around the below features:

• Inji Web Home page

• Issuer selection in the “Home Page”

• Authenticate user credentials

• PDF Generation and auto download

• Download Credential

• Success/Failure notifier after downloading VC

• Download VC as PDF

• Retrieve issuers list

• Retrieve credential types

• Search bar functionality

Test Approach

Persona based approach has been adopted to perform the IV&V, by simulating test scenarios that resemble a real-time implementation.

A Persona is a fictional character/user profile created to represent a user type that might use a product/or a service in a similar way. Persona based testing is a software testing technique that puts software testers in the customer's shoes, assesses their needs from the software and thereby determines use cases/scenarios that the customers will execute. The persona needs may be addressed through any of the following.

• Functionality

• Deployability

• Configurability

• Customizability

The verification methods may differ based on how the need was addressed.

Verified configuration

Verification is performed on various configurations as mentioned below

• Default configuration - with 1 Lang

  • English

Feature Health

Test execution statistics

Functional test results

Below are the test metrics by performing functional testing. The process followed was black box testing which based its test cases on the specifications of the software component under test. Functional test was performed in combination of individual module testing as well as integration testing. Test data were prepared in line with the user stories. Expected results were monitored by examining the user interface. The coverage includes GUI testing, System testing, End-To-End flows across multiple configurations. The testing cycle included simulation of multiple identity schema and respective UI schema configurations.

Here is the detailed breakdown of metrics for each module:

Detailed Test metrics

Below are the detailed test metrics by performing manual/automation testing. The project metrics are derived from Defect density, Test coverage, Test execution coverage, test tracking and efficiency.

The various metrics that assist in test tracking and efficiency are as follows:

• Passed Test Cases Coverage: It measures the percentage of passed test cases. (Number of passed tests / Total number of tests executed) x 100

• Failed Test Case Coverage: It measures the percentage of all the failed test cases. (Number of failed tests / Total number of test cases executed) x 100

Git hub link for Test-Report files (MS Word and Excel):

UI & Rest end points

The table below outlines the frameworks, tools, and technologies employed by Inji Web:

Deployment

The table below specifies the tools to deploy Inji Web:

Release Name: Inji Web 0.8.1 (Patch)

Support: Developer Release

Release Date: 22nd May, 2024

Overview

Inji Web 0.8.1 addresses critical installation issues by fine-tuning the installation script with minor corrections. Additionally, the update to the Helm chart name helm -n $NS install injiweb mosip/injiweb \ in the install.sh script ensures seamless deployment.

Repository Released

Documentation

• Feature documentation

• User guide

Explore and experiment with Inji Web's features in our Collab sandbox environment. Test out the functionalities, explore integrations, and innovate with us.

Refer to know more about how you can explore 'Inji Web' in our 'sandbox collab environment'.

This document aims to assist users in setting up Inji Web on their local environment, offering step-by-step instructions to replicate the platform's functionality on their machine for development or testing purposes.

Repositories:

Clone the repositories in the local to bring up your own setup. Repository information can be fetched from .

Pre-requisite:

In order to run Inji Web locally, Node 18 is required. Please follow the below step to install node.

Node 18 - Can be installed using . Run following commands to install node

Folder Structure:

• helm: folder contains helm charts required to deploy on K8S

• inji-web: contains the source code and Dockerfile

Run mimoto in local:

Running Mimoto locally involves setting up a development environment using Docker Compose. This allows you to test and develop the Backend for Frontend (BFF) service on your own machine, simulating its functionality such as handling API requests and performing validations. By using Docker Compose, you can easily manage Mimoto’s dependencies and configurations, ensuring a streamlined and controlled environment for development and troubleshooting before moving to production.

To setup mimoto in local, read

Run Durian in local:

Running Durian locally is achieved through install scripts, enabling developers to set up and manage the secure data storage environment with ease. By using these scripts, you can test and validate Durian’s functionality, such as storing and retrieving Verifiable Credentials, on your local machine. This setup ensures a flexible and reliable development environment, allowing for thorough testing and configuration before moving to a live environment.

Run Inji Web in local:

Let's explore how to initiate Inji Web locally after completing the setup on your local environment.

• Run following commands to start the application:

Troubleshooting:

• Once proxy server is up, use proxy server in Inji Web.

Tests

• Run npm test to run tests

Build and run Docker for a service:

Welcome to the Inji Web Guide tailored specifically to our Collab Environment!

Follow through the steps outlined in this guide and explore the Inji Web in our sandbox Collab environment for its features and functionalities.

Whether you're a Developer, System Integrator, or an enthusiast eager to dive into the world of digital identity, the guide is going to provide you with the necessary information to get started with Inji Web in our environment.

Explore with mock data

If you are looking to try out Inji Web in our Collab environment, please follow the below procedure:

1. To get sample National ID credentials, we request you to initiate the process by completing the form available.

2. For sample Insurance Credentials (StayProtected), please provide the below details in the eSignet authentication page:

   • Policy Number: 170-620-124

   • Name: Abhishek G

   • DoB: 07/07/1995

Steps to use:

• Launch to access collab environment resources.

• Click on the INJIWEB link which will launch the Inji Web portal in the browser.

• Refer for step-wise download.

• Provide the above credentials in the eSignet page to download the credentials.

• QR Code for StayProtected credentials is present in the detailed view.

Create your own Credentials

This section outlines the process of creating your own insurance credentials:

Step 1: Creation:

Inji Certify also offers to generate your own credentials which can be used for testing / development purposes.

Inji Web is built using tailwind CSS library.

Below sections provides instructions on how themes can be customized in Inji Web application.

Steps:

InjiWeb uses two different files to handle the customization in UI.

1. tailwind.config.js:

Here, properties related to the font and colors for each component is maintained.

```jsx
/** @type {import('tailwindcss').Config} */
module.exports = {
    darkMode: 'selector',
    content: [
        "./src/**/**/*.{js,jsx,ts,tsx}",
    ],
    theme: {
        extend: {
            fontFamily:{
                base: 'var(--iw-font-base)',
            },
            colors: {
                iw: {
                    background: 'var(--iw-color-background)',
                    header: 'var(--iw-color-header)',
                    footer: 'var(--iw-color-footer)',
                    title: 'var(--iw-color-title)',
                    subTitle: 'var(--iw-color-subTitle)',
                    searchTitle: 'var(--iw-color-searchTitle)',
                    primary: 'var(--iw-color-primary)',
                    helpAccordionHover: 'var(--iw-color-helpAccordionHover)',
                    shadow: 'var(--iw-color-shadow)',
                    spinningLoaderPrimary: 'var(--iw-color-spinningLoaderPrimary)',
                    spinningLoaderSecondary: 'var(--iw-color-spinningLoaderSecondary)',
                    navigationBar: 'var(--iw-color-navigationBar)',
                    languageGlobeIcon: 'var(--iw-color-languageGlobeIcon)',
                    languageArrowIcon: 'var(--iw-color-languageArrowIcon)',
                    languageCheckIcon: 'var(--iw-color-languageCheckIcon)',
                    closeIcon: 'var(--iw-color-closeIcon)',
                    searchIcon: 'var(--iw-color-searchIcon)',
                    tileBackground: 'var(--iw-color-tileBackground)',
                    shieldSuccessIcon: 'var(--iw-color-shieldSuccessIcon)',
                    shieldErrorIcon: 'var(--iw-color-shieldErrorIcon)',
                    shieldLoadingIcon: 'var(--iw-color-shieldLoadingIcon)',
                    shieldSuccessShadow: 'var(--iw-color-shieldSuccessShadow)',
                    shieldErrorShadow: 'var(--iw-color-shieldErrorShadow)',
                    shieldLoadingShadow: 'var(--iw-color-shieldLoadingShadow)',
                }
            }
        },
    },
    plugins: [require('tailwindcss-rtl')],
}

```

2. index.css

    * This file maintains the css properties for each theme in the css variables.
    * During the deployment, the theme properties will get applied based on the theme selected.

```jsx

@layer base {
    :root {
        --iw-font-base: "Inter", sans-serif;
        --iw-color-background: #FFFFFF;
        --iw-color-header: #000000;
        --iw-color-shieldLoadingIcon: #ff914b;
        --iw-color-shieldSuccessShadow: #f1f7ee;
        --iw-color-shieldErrorShadow: #FEF2F2;
        --iw-color-shieldLoadingShadow: #f6dfbe;
    }
    .purple_theme {
        --iw-font-base: "Gentium Plus", serif;
        --iw-color-background: #bcaaf3;
        --iw-color-header: #8f69ec;
        --iw-color-shieldErrorIcon: #4518de;
        --iw-color-shieldLoadingIcon: #5b32f1;
        --iw-color-shieldSuccessShadow: #f1f7ee;
        --iw-color-shieldErrorShadow: #FEF2F2;
        --iw-color-shieldLoadingShadow: #f6dfbe;
    }
}
```

Setting Defaults for Inji Web Application :

In the env.config.js file, below properties is used to customize the application during the deployment.

```jsx
window._env_ = {
		...
		DEFAULT_LANG: "en",
    DEFAULT_THEME: "",
    DEFAULT_TITLE: "Inji Web",
    ...
};
```

DEFAULT_THEME: This property helps you to customize the theme, currently Inji Web Supports two different Themes

1. Default Theme - “”
2. Purple Theme - “purple_theme”

DEFAULT_LANG: - This property helps you to specify the default language during the deployment.

DEFAULT_TITLE: - This property helps you to specify the default title of the INJIWEB during the deployment.

Inji Web currently provides support for following credential providers:

Download VC using OpenID for VC Issuance Flow (eSignet)

• National ID

• Insurance

To set up a new provider that can issue VC, it can be accomplished by making a few configuration changes.

Steps:

1. The configuration details can be found in the mimoto-issuers-config.json property file. This file is maintained separately for each deployment environment. In this repository, each environment's configuration is stored in a dedicated branch specific to that environment.

Refer to mimoto-issuers-config.json of Collab environment.

These values will be used by Inji Wallet via Mimoto. Mimoto exposes APIs which is used by the Inji Wallet application to fetch, store the issuers and their configurations in the local storage.

• API used to fetch issuers: https://api.mosip.io/v1/mimoto/residentmobileapp/issuers

• API used to fetch issuer's configuration: https://api.mosip.io/v1/mimoto/residentmobileapp/issuers/${issuerId}

1. In mimoto-issuers-config.json, new providers can be added as per the well-known schema defined by OpenID4VCI standards.

After adding the provider in configuration, it will be displayed on the UI on Add new card screen.

• If new provider supports OpenID4VCI protocol, it is recommended to use issuerMachine.ts and EsignetMosipVCItemMachine.ts for workflow to download VC.

• If it doesn't support OpenID4VCI protocol, new state machine needs to be added. Please refer to issuerMachine.ts and EsignetMosipVCItemMachine.ts.

1. At present, Inji Wallet supports verification of VCs which has RSA proof type. If VC is issued with any other proof type, verification will fail and VC will not be downloaded. To bypass this VC verification, we need to use issuer id as "Sunbird".

Refer https://github.com/mosip/mosip-config/blob/collab1/mimoto-issuers-config.json#L71 as reference. Here, credential_issuer should be "Sunbird" and then add all the configuration.

1. Token endpoint should also use same issuer id. Refer https://github.com/mosip/mosip-config/blob/collab1/mimoto-issuers-config.json#L143

2. Onboarding Mimoto as OIDC Client for a new Issuer:

• Mimoto OIDC client is now added as an optional partner, which can be onboarded through partner onboarder as per requirement.

• In mosip-onboarding itself, there is a script by the name create-signing-certs.sh which creates the certificates as well as the oidckeystore.p12.

• Client ID is created randomly by using the PMS API, and there is no client Secret for that.

• Clients can be renewed upon request, however, this will require some manual adjustments. It is recommended to create a client only once per environment as they do not expire.

• Modifications were made to the install.sh script within the Mimoto software, along with adjustments to the helm charts in the Mimoto repository, in order to facilitate the storage and mounting of the oidckeystore.p12 file.

• For Onboarding the new issuer, the same steps have to be followed and p12 has to be generated.

• Once the p12 file is generated, the existing keystore file should be exported from the Mimoto pod. The newly created p12 file must then be imported and remounted in the Mimoto POD.

Countries have the option to customize Inji Web as per their requirements. Refer to the documents below for more information on the same.

The following customizations are available in Inji Web:

• UI Customization

• Locale Customization

• Credential Provider

Release Name: Inji Web v0.9.0

Support: Developer Release

Release Date: 29th June, 2024

Overview

Inji Web 0.9.0 introduces a dedicated repository for configurations specific to Inji stack, significant tech upgrades in addition to Localization and Theme Customization support along with UI enhancements.

Summary

Below are the details for the Inji Version 0.9.0 release:

inji-config Repository to maintain inji stack related configurations.

Tech Upgrades

1. CSS library: Inji Web has moved from MaterialUI to Tailwind CSS library for more flexibility.

2. Conversion of JS to TS: Migration of React project from javascript to typescript.

Customization

1. Localization: Inji Web now supports below languages:

   • International : English, French and Arabic

   • Indian : Hindi, Kannada, Tamil

2. Theme Customization: Inji Web offers theme customization of the UI.

UI Enhancements

1. Responsive views: Users can now view Inji Web portal in Tablets and Mobile devices.

2. PDF Layout changes The layout of the VC generated as PDF is now in similar lines of VC detailed view in Inji Wallet.

Repository Released

Known Issues

Bug Fixes

Below are the list of fixes as part of 0.9.0 release:

Documentation

Release Name: Inji Web v0.8.0

Support: Developer Release

Release Date: 26th April, 2024

Overview

We are extremely delighted to announce the launch of the first release of the Inji Web application, introducing seamless download of Verifiable Credentials in PDF format as the key feature of Version 0.8.0.

Summary

Below are the details for the Inji Version 0.8.0 release: Download VC as PDF

Complementing our existing Inji Wallet app, the Inji Web platform provides users with a user-friendly web interface for securely downloading credentials with ease, anytime and anywhere. Further, Inji web seamlessly integrates with Mimoto and eSignet to fetch the credentials from the issuer and download the Verifiable Credential in PDF format. To know more about the feature refer here.

Repository Released

Known Issues

Documentation

• Feature documentation

• User guide

• QA Report

• API Documentation

Testing Scope

The scope of testing is to verify fitment to the specification from the perspective of

• Functionality

• Deploy ability

• Configurability

• Customizability

Verification is performed not only from the end user perspective but also from the System Integrator (SI) point of view. Hence Configurability and Extensibility of the software is also assessed. This ensures the readiness of software for use in multiple countries. MOSIP is an “API First” product platform.

Testing scope has been focused on the below features:

• Authenticate user credentials

• Credential type

• Download VC

• Durian data storage integration

• Error Handling

• Inji Home page

• Issuer selection in the “Home Page”

• Issuers support

• Latest draft changes support for OpenID4VCI

• Multi languages support

• OpenID4VP Implementation

• PDF and CBOR

• PDF Generation and auto download

• PDF View

• QR Code

• Responsive view of the web

• Retrieve credential types

• Retrieve issuers list

• Search bar functionality

• Success/Failure notifier after downloading the VC PDF

• Theme update

• UI Automation

• Access violations

Test Approach

Persona based approach has been adopted to perform the IV&V, by simulating test scenarios that resemble a real-time implementation.

A Persona is a fictional character/user profile created to represent a user type that might use a product/or a service in a similar way. Persona based testing is a software testing technique that puts software testers in the customer's shoes, assesses their needs from the software and thereby determines use cases/scenarios that the customers will execute. The persona needs may be addressed through any of the following.

• Functionality

• Deploy ability

• Configurability

• Customizability

The verification methods may differ based on how the need was addressed.

Verified configuration

Verification is performed on various configurations as mentioned below

• Default configuration - with 6 Lang

  • English

  • French

  • Arabic

  • Hindi

  • Tamil

  • Kannada

Feature Health

Test execution statistics

Functional test results

Below are the test metrics by performing functional testing. The process followed was black box testing which based its test cases on the specifications of the software component under test. Functional test was performed in combination of individual module testing as well as integration testing. Test data were prepared in line with the user stories. Expected results were monitored by examining the user interface. The coverage includes GUI testing, System testing, End-To-End flows across multiple configurations. The testing cycle included simulation of multiple identity schema and respective UI schema configurations.

Here is the detailed breakdown of metrics for each module:

UI Automation and API Test Rig test results

Below are the test metrics by performing UI Automation and API Test rig.

Here is the detailed breakdown of metrics for each module:

Functional and test rig code base branch which is used for the above metrics is:

Hash Tag: 58e77d26fc1b98884c11638bba70c128d27994e3

Detailed Test metrics

Below are the detailed test metrics by performing manual/automation testing. The project metrics are derived from Defect density, Test coverage, Test execution coverage, test tracking and efficiency.

The various metrics that assist in test tracking and efficiency are as follows:

• Passed Test Cases Coverage: It measures the percentage of passed test cases. (Number of passed tests / Total number of tests executed) x 100

• Failed Test Case Coverage: It measures the percentage of all the failed test cases. (Number of failed tests / Total number of test cases executed) x 100

Git hub link for the xls file:

<TBD>

Inji Web offers multi-lingual support. At present, 3 Indian and 3 international Languages are supported.

1. English

2. Arabic

3. French

4. Tamil

5. Hindi

6. Kannada

Steps to support a new language

1. Under locales folder, localization of a particular language JSON file has to be added.

2. Language JSON has to be imported in i18n.ts and load the resources to i18next as follows:

• import ta from './locales/ta.json';

• const resources = { en, fr, ar, hi, kn, ta };

1. Ensure the language display mapping is done in the LanguagesSupported variable in i18n.ts

   Copy

   export const LanguagesSupported: LanguageObject[] = [
       {label: "English", value: 'en'},
       {label: "தமிழ்", value: 'ta'},
       {label: "ಕನ್ನಡ", value: 'kn'},
       {label: "हिंदी", value: 'hi'},
       {label: "Français", value: 'fr'},
       {label: "عربي", value: 'ar'}
   ]

2. To use with react, must include the key with the 't' function <Text>{t('editLabel')}</Text>

About libraries

Below specified libraries are used in the Inji Web react project to support localization:

1. i18next: i18next is an internationalization framework. It provides the standard i18n features such as plurals, context, interpolation, and format. It provides a complete solution to localize products in the web.

2. react-i18next: react-i18next is a set of components, hooks, and plugins that sit on top of i18next, and is specifically designed for React.

The Build & Deploy section offers a detailed overview of the process and steps involved in building and deploying Inji Web.