Oracle Cloud KMS integration

We are proud to announce that starting today, governments and businesses that are already using or plan to use the Oracle Cloud Key Management Service (KMS) infrastructure can now operate it together with the walt.id stack to offer highly secure digital identity and wallet solutions for businesses and individuals.

The Developers Dilemma (why the Oracle KMS Integration)

Many of our customers already use the Oracle Cloud KMS to secure cryptographic key material for their offerings. But until today, if they also wanted to secure their digital identity products powered by walt.id via the Oracle Cloud KMS, manual processes and custom developments were required. This caused not only frustration and a longer time to market but also introduced security issues as keys needed to be transferred between systems.

That’s why we built the integration, to make it easier for businesses and governments who already use or want to use Oracle Cloud’s secure KMS setup and make it work with the walt.id stack. This will enable a faster launch of highly secure digital identity products without headaches. No more manual setups taking up weeks, just one easy configuration written in minutes. Since we’ve decided to open-source it (via the Community Stack), everyone will get access and will enjoy complete flexibility and extensibility.

What does the integration offer?

Here’s an overview of the most important capabilities this integration enables:

Identity Wallets: Keys powering the digital identity wallets created via the walt.id wallet SDKs and APIs are now created and stored in the highly secure Oracle Cloud KMS environment.

Digital Signatures: Signatures required for the issuance and presentation of digital credentials initiated via the walt.id issuer, wallet, or verifier APIs and SDKs are now created inside the secure environment of Oracle Cloud KMS.

How it works?

When using Oracle Cloud as an external KMS (Key Management System) in the walt.id stack, keys for wallets will be created and stored there. Signatures for issuance and presentation of digital credentials are also created in the Oracle Cloud environment. The walt.id system only provides key metadata, required access credentials, and the content to be signed. With this process, private keys never leave the secure Oracle Cloud KMS environment, reducing the risk of private key exposure and theft.

Get started

• Issuer - Create keys in the Oracle Cloud KMS and use them to sign and issue credentials.

• Wallet - Create highly secure digital wallets with Oracle Cloud KMS protected keys.

• Core Crypto Lib - Sign any content in Kotlin/Java using keys from the Oracle Cloud KMS.