For Verifiers
The presentation flow in WIDE allows a client application to configure a server-side setup and then direct users to WIDE, which will handle the user interaction based on the provided configuration. This flow is particularly useful for services requiring user verification or presentation of credentials.
Configuration
Each configuration is associated with a unique identifier (uniqueId) and includes the following settings:
{
"rpName": "Organization Name",
"serverApiEndpoint": "https://api.yourorganization.app/wide/uploadData",
"sourceUri": "https://yourorganization.app",
"redirectUri": "https://yourorganization.app/callback",
"logoUri": "https://yourorganization.app/assets/svg/logo.svg",
"iconUri": "https://yourorganization.app/assets/icon.png",
"requireMessageSignature": true,
"credential": {
"type": ["Organization Credential Type"]
}
}
- rpName: The name of the relying party (your organization).
- serverApiEndpoint: Your web app's endpoint to which WIDE will post user data.
- sourceUri: The base URI of your application.
- redirectUri: The URI to which WIDE will redirect users after processing.
- logoUri: URI for the logo to be displayed in the WIDE interface.
- iconUri: URI for the favicon used in browser tabs during WIDE interaction.
- requireMessageSignature: Indicates whether WIDE requires a message signature for additional security.
- credential: Specifies the types of credentials required.
Setting the configuration
To set the configuration, make a POST request to the WIDE server with the configuration data. This request is made against a specific uniqueId which acts as a key to store and retrieve the configuration.
this.http.post(`${this.apiUrl}/rp/config/${uniqueId}`, config);
Currently, calling this method multiple times with the same uniqueId will overwrite the existing configuration. This behavior is recognized as a limitation and is planned to be addressed in future updates.
Redirection for Presentation
After setting the configuration, the client application redirects the user to the WIDE presentation URI, passing the uniqueId as a query parameter. This URI initiates the user interaction based on the previously set configuration.
https://wid3.app/present?domain=<uniqueId>
Retrieval of Credentials
The user may then issue the credentials they decrypted locally directly to your server to the serverApiEndpoint. In addition to the credential this also includes a randomly generated key which may then be used to identify the credential after the redirect.
WIDE's Response
Once the user completes their interaction with WIDE, they are redirected back to the redirectUri specified in the configuration. A token is passed as a URI parameter, which is equivalent to the key passed on to your Web Application (serverApiEndpoint).
This URI should handle the user's return and process any data or follow-up actions required as a result of the interaction.