The IDP Kit
We are proud to announce our new open source product: the IDP Kit.
We built the IDP Kit (or Identity Provider Kit) to bridge the old digital world (web 2) and the new one (web 3) by enabling (backwards) compatibility of NFTs and identity credentials (e.g. based on Self-Sovereign Identity, SSI) with today's enterprise infrastructure and applications for authentication and identification.
As such, the IDP Kit extends our current products which establish a holistic infrastructure for decentralized identity (SSI Kit) and digital assets (NFT Kit) controlled by users via wallets (Wallet) and makes these new concepts accessible for traditional identity and access management solutions.
Let’s dive in ...
The Developers’ Dilemma (or Why we built the IDP Kit)
Over the last few years, we have witnessed the rise of new technologies and movements that promise to give people control over their data, democratize finance, property rights and much more. In this context, two new technologies stand out:
Self-Sovereign Identity (SSI) as a user-centric approach to digital identity. Learn more.
Non-Fungible Tokens (NFTs) as a way to tokenize any type of asset to digitally model ownership and property rights. Learn more.
SSI and NFTs are exciting new technologies that will change the digital world forever by enabling people and organizations to collect, manage and share/trade their identity data and assets without having to involve middlemen like online platforms that come with well-known issues (e.g. power imbalances, dependencies, privacy violations, costs). However, there is a problem: these new technologies have been designed for a digital world that is different from the digital world of today. As a result, traditional applications cannot utilize identity credentials (SSI) and NFTs or connect to the underlying wallet infrastructure with which these technologies are managed.
Putting it differently: Today, I can already have a digital wallet that contains identity credentials like digital versions of my passport or diplomas and NFTs like vouchers, art or skins for an online game. In theory, I could use these identity credentials and NFTs to do all kinds of things like identify myself towards service providers (e.g. to open a bank account remotely) or log into different services or claim discounts online. In practice, I cannot use them, because there is nothing that connects my wallet to today's applications. In other words, we lack a solution that connects conventional identity and access management tools with wallets and their contents (like identity credentials and NFTs).
We built the IDP Kit as a solution to this Developers’ Dilemma, as the infrastructure that enables wallets to connect and communicate with any application via traditional identity and access management solutions.
What is the IDP Kit?
The IDP Kit offers developers and organizations an easy way to extend their existing legacy authentication and CIAM solutions (e.g. Keycloak) with the ability to verify and process NFTs and identity credentials (SSI) for identity and access management.
Here are the most important things to know about the IDP Kit:
It is open source (Apache 2) so that anyone can use the code for free and without limitations.
It enables you to use various authentication and data exchange protocols - like “OpenID Connect” (OIDC) and its extensions for SSI (e.g. presentation exchange, credential issuance) or “Sign in with Ethereum” (SIWE).
It is flexible in the sense that you can deploy and run the IDP Kit on-premise, in your (multi) cloud environment or use it as a library in your applications.
It can be used directly in combination with Identity Brokers, e.g. Keycloak or Okta.
It is customizable in the sense that you can easily configure validation rules for verifying NFTs and W3C Verifiable Credentials (see Verification Policies).
It is modular and composable allowing you to individualize and extend its functionality with your own implementations or third party solutions. This openness prevents lock-in and allows you to build solutions that meet your individual requirements without compromise.
How does it work?
The IDP Kit enables (backwards) compatibility of NFTs and identity credentials (SSI) with traditional web2 applications - particularly for identification and authentication use cases. The way it works is quite simple:
When a wallet user wants to use their identity credentials (SSI) or NFTs to sign into a service (e.g. initiated via a “connect wallet” button), the existing Identity and Access Management solution forwards the user to the IDP Kit. The IDP Kit connects with the user's wallet and requests identity credentials (SSI) or fetches the NFT and its metadata, both of which are then verified against customizable policies (via SSI Kit or NFT Kit). The verification result is sent back to the IDP Kit and translated into a format (e.g. a JWT) that traditional Identity and Access Management tools can use.
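The last step of that flow, the translation of policy results into a JWT and the checks the receiving identity and access management side should make before trusting it, is sketched below as an added example; it is not code from the IDP Kit. The claim names wallet_verified and wallet_policies, the policy names and the HS256 shared secret are assumptions chosen to keep the sketch standard-library only; OIDC deployments typically use asymmetric signatures.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(key: bytes, signing_input: str) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def issue_token(policy_results, subject, issuer, audience, key, now, ttl=300):
    """Provider side: translate per-policy verification results into a signed JWT."""
    claims = {
        "iss": issuer, "aud": audience, "sub": subject, "iat": now, "exp": now + ttl,
        # Hypothetical claim names; not the IDP Kit's actual token layout.
        "wallet_verified": bool(policy_results) and all(policy_results.values()),
        "wallet_policies": policy_results,
    }
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(b64url(json.dumps(p).encode()) for p in (header, claims))
    return signing_input + "." + b64url(sign(key, signing_input))

def accept_token(token, issuer, audience, key, now):
    """Relying-party side: check everything before trusting a single claim."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        signature = b64url_decode(sig_b64)
    except ValueError as exc:  # wrong part count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    # Pin the algorithm instead of letting the token header choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    if not hmac.compare_digest(signature, sign(key, f"{head_b64}.{body_b64}")):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(body_b64))
    if claims.get("iss") != issuer or claims.get("aud") != audience:
        raise ValueError("wrong issuer or audience")
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise ValueError("token expired")
    if claims.get("wallet_verified") is not True:
        raise ValueError("verification policies not satisfied")
    return claims
```

The relying party rejects a token whose policy result was edited after signing, because the signature is checked before any claim is read.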
Relation to our other Products
The IDP Kit connects our infrastructure products for digital identity (SSI Kit) and digital assets (NFT Kit) with today's traditional identity and access management solutions or authorization tools. This way, you can think about the IDP Kit as an extension of our identity and NFT products that facilitates integration, ensures backwards compatibility and prevents rip-and-replace.
How to use the IDP Kit?
You can get started with the IDP Kit in two different ways:
Self-Managed: Deploy the IDP Kit on-premise or in your cloud environments and connect your applications via the REST APIs or integrate our libs directly with your applications. Learn how to get started via GitHub.
Managed Service: We deploy, run and maintain the IDP Kit for you and make it accessible via high-level APIs so you do not need to worry about anything.
In any case, we offer a broad range of services to make life easier for you like consulting, development / integration of pilots and production systems or technical support.
Want to learn more?
Join our community or get in touch. We’re always happy to help.