9 Internal Workflows
This section provides a detailed view of how this Building Block will interact with other Building Blocks to support common use cases.
This section provides a detailed view of how this Building Block will interact with other Building Blocks to support common use cases.
This workflow follows the authorization code flow of the OAuth 2.0 authorization framework to authenticate the Holder and then issue a Verifiable Credential.
In this workflow, the Holder initiates the request using the Wallet and authenticates via the Issuer's authorization endpoint. Once authentication is completed and consent is given, the Issuer provides an authorization code specified in to issue access tokens. The Wallet can then use the access token to retrieve the credential from the Issuer by calling the credential issuance endpoint.
This workflow follows the pre-authorization code flow of the OAuth 2.0 authorization framework. Before interacting with the Wallet, the Credential Issuer generates a Verifiable Credential for the Holder and provides a pre-authorization code. The Holder uses this pre-authorization code to obtain the Credentials in the Wallet which is shared as part of the token endpoint to receive an access token, which is then used to retrieve the credentials.
In this workflow flow, the Holder presents the credential to a Verifier on the same device where the Holder's Wallet resides.
In this workflow, the Holder presents the credential to a Verifier interacting with the Holder on a different device from the Wallet's location.
In this flow, the Verifier prepares an Authorization Request and renders it as a QR code. The User then uses the Wallet to scan the QR code to obtain the request URI. Using the request URI, the Wallet retrieves the presentation definition, authenticates the Holder, and captures consent to generate the Verifiable Presentation. The Verifiable Presentations are then sent to the Verifier.
A reference use case for same-device sharing of credentials is available .
A reference use case for cross-device sharing of credentials is available .