Feat/w3c digital credentials api #218
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ntials - Add configuration model for Digital Credentials API and CSS customization - Implement browser-side JavaScript client for navigator.credentials.get() - Create enhanced authorization page with configurable themes and QR fallback - Add JAR (JWT Authorization Request) support with format negotiation - Support multiple credential formats: vc+sd-jwt, dc+sd-jwt, mso_mdoc - Update direct_post endpoint to handle both form-encoded and JSON responses - Add format preference negotiation in request objects - Include comprehensive documentation and example configuration This implementation allows browser-based credential presentation while maintaining backward compatibility with QR code flows. Relying Parties continue using standard OIDC with zero code changes.
- Add CredentialDisplayConfig to verifier-proxy configuration - Implement optional checkbox on authorization page - Create credential display page showing claims and raw credential - Add session preference storage and confirmation flow - Support both optional and mandatory display modes - Include comprehensive documentation and examples This feature serves as both a debugging tool (showing raw credentials and parsed claims) and an optional additional consent step in the OIDC flow. It's disabled by default and fully backward compatible.
- Document architectural differences between services - Provide detailed feature comparison matrix - Outline 8-week phased migration strategy - Include risk assessment and mitigation plans - Detail configuration and database migration steps - Provide code examples for legacy compatibility layer - Include testing strategy and rollback procedures
masv3971
reviewed
Nov 26, 2025
| ```yaml | ||
| preferred_formats: | ||
| - "vc+sd-jwt" # Try this first | ||
| - "dc+sd-jwt" # Fallback to this |
Collaborator
There was a problem hiding this comment.
I tougth that dc+sd-jwt was just a new name for vc+sd-jwt, the latest spec of sd-jwt-vc uses dc+sd-jwt.
leifj
added a commit
to sirosfoundation/vc
that referenced
this pull request
Nov 26, 2025
… Credentials API) as completed - Priority 10: W3C Digital Credentials API Support in Verifier - COMPLETED - Full implementation with browser-based flows - Enhanced UI and session preference management - Documentation in docs/DIGITAL_CREDENTIALS_API.md - Priority 11: OpenID Connect Relying Party - COMPLETED - Complete OIDC RP implementation with PKCE and dynamic registration - Layered architecture (httpserver → apiv1 → pkg) - Session management with ttlcache - Documentation in docs/OIDC_RP.md Both features merged to main via upstream PRs dc4eu#217 and dc4eu#218
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is an implementation of the DC API for the verifier-proxy.