This repository contains various samples for using OpenID4VP for the process of Strong Customer Authentication according to Technical Specification 12.
You may use the SD-JWT Debugger to view the SD-JWT VC examples.
sequenceDiagram
autonumber
actor user as User<br/>aka Holder
participant wallet as Wallet
participant psp as PSP<br/>aka Issuer & Verifier
Note over psp: Out-of-band payment initiation
psp ->> wallet: OpenID4VP auth request(dcql,transaction_data)
activate wallet
wallet ->> user: Show consent screen
user ->> user: review payment details
user ->> wallet: consent (Knowlege || Inherence)
wallet ->> wallet: Sign Verifiable Presentation
wallet -->> psp: OpenID4VP auth response(vp_token)
psp -->> wallet: redirect
sequenceDiagram
autonumber
actor user as User<br/>aka Holder
participant wallet as Wallet
participant merchant as Merchant
participant mpsp as Merchant PSP
participant psp as PSP<br/>aka Issuer & Verifier
user ->> merchant: initiate payment
merchant ->> mpsp: initiate payment
mpsp ->> wallet: OpenID4VP auth request(dcql,transaction_data)
activate wallet
wallet ->> user: Show consent screen
user ->> user: review payment details
user ->> wallet: consent (Knowlege || Inherence)
wallet ->> wallet: Sign Verifiable Presentation
wallet -->> mpsp: OpenID4VP auth response(vp_token)
Note over mpsp,psp: Payment scheme
mpsp ->> psp: Transport(vp_token)
psp ->> psp: Verification
psp -->> mpsp: response(transaction result)
mpsp -->> merchant: response(transaction result)
merchant -->> wallet: redirect
The project is co-funded by the European Union. However, the views and opinions expressed are those of the author(s) only and do not necessarily reflect those of the European Union or the granting authority. Neither the European Union nor the granting authority can be held responsible.
Licensed under the Apache 2.0 License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. The IP is handled as part of the EWC IP agreement. Please note that some of the RFCs (Like payments) are not based on Apache 2.0 license.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the LICENSE for the specific language governing permissions and limitations under the License.