A tamper-proof, instantly verifiable data format that is cryptographically signed by a trusted issuer. Users can store VCs securely on their devices or browsers and share them when needed. VCs are digital versions of trusted documents (e.g., IDs, certificates) that can be securely shared and instantly verified.
A cryptographically secured package containing one or more Verifiable Credentials that a holder shares with a verifier. The wallet generates a Verifiable Presentation containing only the selected claims, which is then securely shared with the verifier.
The entity about whom claims are made in a Verifiable Credential. For example, in an employee credential, the employee is the credential subject about whom claims like job title and employee number are made.
The individual or entity which possesses the credential (e.g., the student with the degree, the citizen with the passport, the employee with the work permit). The holder stores and manages their VCs. Inji's 'Holder-module' is called Inji Wallet.
The entity that issues the credential and makes claims about the subject (e.g., a university issuing a degree, a government issuing a passport, an employer issuing a work permit). The issuer cryptographically signs the VC. Inji's 'Issuance-module' is called Inji Certify.
The entity that requests and verifies the credential to confirm a claim (e.g., an employer checking a degree, a border agent checking a passport, a landlord checking a work permit). The verifier checks the cryptographic proofs to ensure the VC's authenticity and integrity. Inji Verify is MOSIP's verification module.
An immutable statement made about the credential subject, such as employee number, job title, name, or date of birth. Claims are cryptographically signed by the issuer to ensure they cannot be tampered with.
Cryptographic methods used to verify the data source and ensure data integrity. Proofs utilize cryptographic methods to verify the data source and ensure data integrity. Supported proof types include JWT, JSON-LD proof, and IETF SD-JWT.
The structure that defines the format, fields, and validation rules for a specific type of Verifiable Credential. Issuers can configure credential schemas for different certificate types, generating credentials in different VC formats.
A category of credential that defines what kind of information it contains (e.g., National ID, Insurance Credential, Driver's License). A single issuer can manage and issue multiple types of verifiable credentials within the same ecosystem.
The current state of a Verifiable Credential, which can be: Valid (credential is active and verified), Revoked (credential has been invalidated by the issuer), Expired (credential has passed its validity period), or Pending (credential status is being checked).
A mechanism for issuers to initiate credential issuance to holders. Can be delivered via a credential_offer URI with or without a pre-authorization code.
The process of cryptographically linking a credential to its intended holder to prevent unauthorized use. Inji Certify supports credential binding with DID keys and JWT proof.
Verifying that the credential is bound to the correct holder, especially in cases where the VC includes a subject proof (e.g., via DID or SD-JWT binding).
The process by which an issuer invalidates a Verifiable Credential before its natural expiry. Inji Certify maintains a Revocation List and provides Revocation APIs allowing issuers to mark credentials as revoked. Verifiers can check whether a credential is valid or revoked using the Verification API.
The date after which a Verifiable Credential is no longer considered valid. Credential metadata includes the expiry date, and Inji Wallet performs expiry checks during verification.
The complete journey of a credential from issuance through storage, presentation, potential revocation, and eventual expiry.
The process by which an issuer creates, signs, and delivers a Verifiable Credential to a holder. An issuer creates a digital credential with claims about a subject and cryptographically signs it.
The process by which a verifier uses cryptographic proofs within the VC to confirm that it was issued by a trusted party and has not been tampered with. This often involves checking against a Verifiable Data Registry where public keys of issuers are stored.
When the holder presents the VC (or a verifiable presentation, which can include multiple VCs or selectively disclosed information) to a verifier for verification purposes.
The secure storage of Verifiable Credentials on a user's device or in a secure cloud storage. After successful verification, the Verifiable Credential is securely stored in the wallet platform's secure storage solution to ensure reliable and convenient access.
A new type of identifier that enables verifiable, decentralized digital identity. Inji uses W3C DID standards for self-sovereign identity. All identities in Sunbird-RC are DID-compliant and are web-resolvable.
An approach to digital identity that gives individuals control over their own identity data. Inji follows SSI principles by enabling holders to store credentials on their devices and control when and how data is shared.
A format for encoding Verifiable Credentials using JSON with linked data context. Inji supports JSON-LD credentials with standards-based Linked Data Proofs, widely adopted across ecosystems for interoperability and verifiability.
A compact, URL-safe format for representing claims securely between two parties. JWT is one of the supported credential formats in Inji, enabling efficient transmission and verification across web and enterprise systems.
A standard for digitally signing content using JSON-based data structures. Signed JWT (JWS) credentials enable compact, JSON-based credentials that enable efficient transmission and verification.
A binary data format used for compact, efficient encoding of data. PixelPass uses CBOR encoding to compress JSON data for more efficient QR code generation.
The W3C Verifiable Credentials Data Model version 1.1, which Inji supports for issuing, presenting, and verifying digital credentials across different identity ecosystems.
The W3C Verifiable Credentials Data Model version 2.0, which Inji Certify supports alongside version 1.1. Inji Wallet now supports SVG-based credential rendering for Data Model 2.0 VCs.
An authentication layer built on top of OAuth 2.0. eSignet implements OpenID Connect flows that help relying parties perform quick integrations using pre-existing libraries for user verification.
An authorization framework that enables applications to obtain limited access to user accounts. Inji Certify implements OAuth 2.0-based authorization for credential issuance and supports integration with OAuth 2.0 compliant authentication services like eSignet and Keycloak.
A standardized protocol for issuing verifiable credentials securely to digital wallets. Inji Certify follows OpenID4VCI draft 13 standard for secure credential delivery. It facilitates the secure issuance of VCs to holders and supports various credential formats including SD-JWT and mDoc/mDL.
A protocol that enables selective disclosure of credentials while maintaining user privacy. It supports QR code-based and deep-linking mechanisms for credential presentation and ensures verifier authentication to prevent unauthorized access.
Privacy-preserving credentials that allow holders to selectively disclose attributes while keeping the rest private. Enables holders to download and share credentials in SD-JWT format, allowing users to share only the necessary attributes while keeping other data private.
The international standard for Mobile Driving Licenses (mDL) and Mobile Documents (mDoc). Inji supports this standard for secure, offline-verifiable digital documents with NFC and QR-based interactions for secure credential exchange.
A mobile document format specified in ISO 18013-5/7 for secure, offline-verifiable digital documents. Inji Certify has upcoming support for full mDoc implementation.
A mobile driver's license format as specified in ISO 18013-5, enabling secure and convenient digital driver's license presentation on mobile devices. Inji Wallet supports mDoc credentials from issuers like the Veridonia Department of Motor Vehicles.
A compact, privacy-preserving claims format for credentials registered with IANA. It provides a compact format for credentials and is part of the standards Inji follows.
A cryptographic mechanism used by issuers to sign credentials, guaranteeing authenticity, integrity, and tamper resistance. Every credential issued by Inji Certify is protected through digital signatures.
A cryptographic key that can be shared publicly and is used by verifiers to confirm the issuer's signature on a credential. The verifier uses the issuer's public key to confirm the signature.
A cryptographic key kept secret by the issuer and used to sign credentials. The issuer signs the credential with their private key. In Inji Wallet, private keys are stored using Android Keystore or iOS Secure Enclave and cannot be exported or tampered with.
A combination of a public key and a private key generated together. When credentials are activated, a keypair is generated in the phone and the public key is synced with the server.
A mathematical proof that verifies data authenticity and integrity. Inji Mobile Wallet verifies that VCs are cryptographically valid based on proof type, verifying the integrity of the data using appropriate proof mechanisms.
The administration of cryptographic keys including generation, storage, rotation, and destruction. The Keymanager Service in Inji Certify manages cryptographic keys used for signing and verifying credentials, ensuring secure storage and retrieval.
A physical computing device that safeguards and manages cryptographic keys. Inji Certify's infrastructure includes HSM for secure key management.
A hardware-based security feature on iOS devices that provides a secure environment for cryptographic operations. Inji Wallet stores private keys using the iOS Secure Enclave, ensuring keys cannot be exported or tampered with.
A cross-platform cryptographic key management library for Android and iOS, supporting secure key generation, encryption/decryption, HMAC, and digital signatures using native platform security features (Android Keystore and iOS Keychain/Secure Enclave). Supports Android 6.0+ (Hardware-backed keystore) and iOS 13.0+ (Secure Enclave + Keychain).
An RSA-based signature algorithm supported by Inji Certify for signing credentials. Part of the configurable signing algorithms available to issuers.
An Elliptic Curve signature algorithm using the P-256 curve. Inji's Secure Keystore supports ES256 for digital signatures.
A modern digital signature scheme using Edwards curves. Inji Certify supports EdDSA for credential signing, ensuring compatibility with modern secure systems and broader wallet ecosystems.
A specific implementation of EdDSA using the Curve25519 curve. Inji supports Ed25519 Verification Key 2018 and Ed25519 Verification Key 2020 for credential verification. Inji's cryptographic implementation uses Ephemeral Key Pairs generated from X25519 curve.
The identifier for the cryptographic method used to create a proof. Supported proof types include JWT proof. Currently, Inji Certify supports JWT proof type for credential binding.
The process of deriving cryptographic keys from a shared secret. In Tuvali, Wallet and Verifier derive respective keys using HKDF as defined in RFC5869.
A privacy-preserving feature that allows users to share only specific claims from a credential while keeping other attributes private. IETF SD-JWT support allows credential holders to share only required claims/attributes with verifiers.
The principle of sharing only the minimum amount of information necessary for a specific verification purpose. SD-JWT credentials ensure privacy-preserving and minimal disclosure of information.
A privacy principle ensuring only necessary data is collected and shared. All Inji sharing methods include user consent and privacy-by-design to ensure secure, context-aware interactions.
An approach where privacy considerations are embedded into the design and architecture of systems. All Inji Wallet sharing methods include user consent and privacy-by-design.
The process of managing user permissions for data sharing. Users explicitly choose when and what to share with verifiers.
Explicit permission from the user before sharing credential data. All sharing methods in Inji include user consent, and credentials are shared only after the user confirms consent.
Sharing credentials in a way that protects user privacy, typically through selective disclosure. IETF SD-JWT enables privacy-preserving credential sharing where users share only the necessary attributes while keeping other data private.
A property ensuring that any unauthorized modification to a credential can be detected. Verifiable credentials are tamper-evident, meaning any modification is detected through cryptographic verification.
A property of credentials meaning data cannot be altered without detection. Inji provides tamper-proof, instantly verifiable data cryptographically signed by a trusted issuer.
The property of being genuine and verified as coming from the claimed source. Verifiable QR codes utilize digital signatures to safeguard the authenticity and integrity of the data.
The process of confirming that data has not been altered. Inji Wallet confirms that no field or claim in the credential has been altered since issuance.
Verification that a credential is genuine and was issued by a legitimate issuer. Inji Mobile Wallet verifies that the VC is digitally signed by a trusted issuer, ensuring the credential originates from a valid and recognized entity.
Using biological characteristics (fingerprint, face) for user authentication. Inji Wallet supports Android biometrics and Apple Face ID/Touch ID for app access and credential sharing confirmation.
A biometric verification feature that compares a live selfie with the face photo in a credential. Supported during BLE sharing and credential presentation to verify the holder's identity.
A digital wallet solution that empowers users to manage their credentials on different devices. It enables individuals to receive, store, and present Verifiable Credentials (VCs) securely, both online and offline.
A mobile application (Android and iOS) specifically created to streamline all types of identification and credentials into one digital wallet. It offers secure, trustworthy, and dependable mobile Verifiable Credentials wallet designed to download, store, share VCs, enable users to log in to relying parties, and generate QR codes for offline sharing.
A browser-based wallet accessible from any computer for users who do not have access to a smartphone for accessing and using digital credentials. Users can fetch, download, store, and share credentials through a web interface.
A platform that enables issuers to generate, sign, and issue verifiable credentials. It follows the OpenID4VCI (OpenID for VC Issuance) draft 13 standard and issues VCs compliant with W3C Verifiable Credentials (1.1 & 2.0). Issuers can configure credential schemas for different certificate types, generating credentials in formats such as JSON-LD, SD-JWT, etc.
A robust verification tool and web interface designed to validate the verifiable credentials encoded in QR codes. Users can Scan, Validate, Fetch, and Display credentials. It decodes data stored within QR codes using the PixelPass library and validates the verifiable credential.
A Backend for Frontend (BFF) service for Inji Wallet. It provides all necessary APIs to Inji Wallet and acts as a proxy for resident services. It gets requests from Inji Wallet, performs validations, and forwards them to respective services. It also handles default configuration, VC downloads, and VC activation.
An authentication service utilized by Inji Wallet for online login. Users can log in to any service provider portal integrated with eSignet. It implements OpenID Connect flows for quick and easy integrations using pre-existing libraries for user verification.
A module that supports transferring Verifiable Credentials (VCs) over Bluetooth Low Energy (BLE). It implements OpenID for VP over BLE specification for secure offline credential sharing. The transfer flow includes connection setup with cryptographic key exchange, data transfer, and connection closure.
A versatile library designed to simplify working with QR codes and data compression. It generates QR codes from data, compresses JSON using CBOR encoding, and decodes compressed data back to original format. Available as NPM, Kotlin, Swift, and Java artifacts. Features include zlib compression (level 9), base45 encoding/decoding, and CBOR encoding/decoding for JSON data.
A client library for requesting Verifiable Credentials from credential issuers. Available as Kotlin and Swift packages for Android and iOS respectively. It handles credential requests, proof JWT submission, and credential response processing.
A component that enables verification of credentials shared over Bluetooth Low Energy. Supports peer-to-peer offline sharing with face match verification.
A registry and credentialing platform integrated with Inji Certify. It provides Identity Service (DID-compliant identities), Credential Schema Service (stores VC schemas and view templates), and Credential Service (core issuance service that transforms payloads into W3C-compliant Verifiable Credentials).
The secure storage solution used by Inji Web to store Verifiable Credentials. After successful verification, credentials are securely stored in Durian for reliable and convenient access with protection against unauthorized access.
An open-source platform for foundational identity. Inji is governed by MOSIP with community contributions. MOSIP provides the broader identity ecosystem within which Inji operates.
A standards-based credential format using Linked Data Proofs, widely adopted across decentralized identity ecosystems for interoperability and verifiability.
Compact, JSON-based credentials that enable efficient transmission and verification across web and enterprise systems using the Signed JWT (JWS) format.
Privacy-preserving credentials using Selective Disclosure JWT format that allow holders to selectively disclose attributes while keeping the rest private.
A Mobile Document credential format following ISO 18013-5/7 for secure, offline-verifiable digital documents. Mock issuance is currently supported with full implementation planned for future releases.
A digital credential representing a national identity document. Example: Republic of Veridonia National ID Department issues National ID credentials through Inji Wallet.
A Verifiable Credential containing insurance policy information. Example: StayProtected Insurance and Veridonia Insurance issue insurance credentials.
A Verifiable Credential containing tax identification information. Example: Republic of Veridonia Tax Department issues Tax ID credentials.
A Verifiable Credential containing property and land ownership information. Example: AgroVeritas Property & Land Registry issues Land Record credentials.
A Verifiable Credential representing academic achievements such as diplomas, transcripts, and degree certificates issued by educational institutions.
A Verifiable Credential containing employment-related information such as job offers, salary slips, and letters of recommendation.
A Verifiable Credential containing medical records, vaccination certificates, or prescription information for secure verification in healthcare settings.
A Verifiable Credential used as a digital passport or travel document to facilitate border control and verify traveler identities.
A Verifiable Credential certifying vaccination status. Can be issued through mass issuance campaigns using pre-authorized credential offers.
A mobile driver's license credential following ISO 18013-5 standard. Supports use cases like identity verification in transport, law enforcement, and service access. Issued by entities like Veridonia Department of Motor Vehicles.
See "Credential Issuer" in Core Concepts section.
Configuration information about a credential issuer including credential types offered, display properties, and endpoints. Retrieved from the .well-known location for every issuer configured in mimoto-issuers-config.json.
The API endpoint where credential requests are submitted and credentials are issued. Configured as part of IssuerMetaData in the VCI-Client.
The endpoint for obtaining access tokens during the credential issuance flow. Part of the OAuth 2.0/OIDC integration.
A service that handles authentication and authorization for credential issuance. Inji Certify supports integration with OAuth 2.0 compliant authorization services such as eSignet and Keycloak.
A token issued by authorization providers based on authentication, used to authorize credential requests. Required for making credential requests to the issuer.
A code obtained during the OAuth 2.0 authorization flow that is exchanged for an access token.
A credential issuance flow where users download credentials directly using a credential_offer URI without login, with pre-auth code embedded in the offer. Used in mass issuance or public campaigns (e.g., vaccination certificates).
A standard OAuth 2.0 flow for credential issuance where users authenticate first, then receive credentials. Users are redirected to eSignet UI to enter unique ID and OTP.
A one-time code (OTP/claim code) used in pre-authorized credential offers to bind issuance to a specific user. User enters the code in-app to retrieve VC securely. Ideal for privacy-sensitive issuance (e.g., mDL, insurance).
A JWT proof used for making credential requests. The proof is generated by the wallet and sent with the credential request. Currently, Inji supports JWT proof type.
The response from a credential issuer containing the issued Verifiable Credential. If the issuer does not respond properly, a DownloadFailedException is thrown.
The intended recipient or verifier of a credential. Configured as part of IssuerMetaData.
The technical format in which a credential is encoded. Supported formats include JSON-LD, SD-JWT, and mDoc/mDL.
A plugin responsible for generating and signing Verifiable Credentials. These plugins connect with external identity or authentication systems to obtain information about the credential recipient and generate VCs in appropriate formats. Examples include MOSIP Identity Plugin and Sunbird Plugin.
A plugin that fetches relevant data from external registries or data sources. The retrieved data is returned as a JSON object which Inji Certify uses to generate and issue the corresponding VC. Examples include Mock CSV Data Provider Plugin and Postgres Data Provider Plugin.
A plugin that provides methods to authenticate the end-user with control of supported authentication factors. There is a default plugin implemented for Sunbird Registry.
A plugin that tracks and logs actions within the system for auditing purposes.
A request from a verifier specifying which credentials or claims are needed. The verifier specifies required claims (e.g., Name, Date of Birth) in the OpenID4VP flow.
See "Verifiable Presentation (VP)" in Core Concepts section.
Sharing credentials by generating a QR code using PixelPass that can be scanned or uploaded on verifier portals. Quick and compact method for online sharing.
Sharing VCs offline using Bluetooth Low Energy through the Tuvali module. Enables peer-to-peer credential transfer with optional face match verification.
Sharing credentials without internet connectivity using BLE or QR codes that contain the full credential data. Critical for inclusion in low-connectivity environments.
Sharing credentials over the internet using OpenID4VP flows. Includes SSO via QR Code and OpenID4VP cross-device/same-device flows.
An OpenID4VP flow where the user scans a verifier's QR code from another device (e.g., scanning a desktop QR with mobile wallet), then presents VCs after face verification. The verifier generates an Authorization Request as a QR code, the user scans it with a mobile wallet, and the wallet responds with a vp_token.
An OpenID4VP flow where credential presentation happens on the same device. User taps QR on browser, deep-link opens wallet, and credentials are shared through a seamless redirect. Request can invoke the wallet via deep link where the wallet processes the request and returns the signed Verifiable Presentation.
A URL that opens a specific location within a mobile app. Used in same-device OpenID4VP flows to invoke the wallet directly from a browser and share credentials.
A URL where the user is redirected after completing an authentication or authorization flow. Configured for verifiers and used in OpenID4VP flows.
Biometric verification using facial comparison to confirm the credential holder's identity before sharing. Users are prompted for authentication (Face) if the VC contains a face photo.
A Share with Selfie option available through the quick access menu on credential cards, enabling biometric verification before sharing.
Credential sharing that requires explicit user consent. SD-JWT VP Support ensures consent-driven sharing where the wallet validates signed authorization requests and presents only the chosen claims.
See "Credential Verifier" in Core Concepts section.
A verifier that has been registered and configured as trusted. Configured in mimoto-trusted-verifiers.json with clientId and redirect URI for online sharing.
The outcome of credential verification, indicating whether the credential is valid, invalid, expired, or revoked.
The process of validating the cryptographic signature on a credential to confirm it was signed by the claimed issuer using their private key.
The process of checking a credential's current status (valid, revoked, or expired). The wallet automatically checks status when a card is downloaded, and users can manually recheck anytime.
Checking whether a credential has been revoked by the issuer. Verifier checks revocation status as part of the verification process.
Checking whether a credential has passed its expiry date. Inji Wallet performs checks to confirm credentials are not revoked or expired.
Verifying the cryptographic proof embedded in a credential to ensure data integrity and authenticity.
Confirming that the issuer of a credential is legitimate and their cryptographic key is verified as legitimate.
The process of resolving a DID to obtain the associated DID Document containing public keys and service endpoints. Verification methods supported include did:web in combination with proofValue or jws.
The process of obtaining the issuer's public key to verify a credential's signature. Often involves resolving DIDs or accessing well-known endpoints.
A system that maintains the status of credentials, allowing issuers to revoke credentials and verifiers to check revocation status.
A maintained list of revoked credentials. Inji Certify maintains a Revocation List for JSON-LD credentials and provides a Discovery API for access to the most up-to-date revocation list.
Credentials automatically become invalid after their expiry date, providing a passive form of credential invalidation.
Users can recheck a credential's status whenever needed, with clear results shown instantly.
Revocation status can be cached for offline scenarios, though periodic online updates are recommended.
The entry point for all interactions with Inji Certify, including requests from external Digital Wallets. It handles routing, authorization (using OAuth2 OpenID Connect), and request validation.
A component that digitally signs Verifiable Credentials to guarantee authenticity and integrity. Part of Inji Certify's core layer.
A component that manages templates for different VC types, populating them with data before signing. Handles the generation of credential templates.
A service layer that manages cryptographic keys used for signing and verifying credentials. It ensures secure storage and retrieval of keys and handles key rotation and management tasks.
A modular plugin-based architecture that enables extensible and customizable credential issuance workflows. Allows integration with identity systems, registries, data sources, and third-party services.
The core issuance service in Sunbird RC. Called with a payload, it transforms the data into a W3C-compliant Verifiable Credential in JSON-LD format and signs it using the private key generated during issuer creation.
The central service in Sunbird RC that maintains identities across the system. All identities are DID-compliant and web-resolvable. Other microservices depend on this for generating any identity.
The Credential Schema Service in Sunbird RC that stores the schema of Verifiable Credentials along with associated view templates.
A HashiCorp Vault-based keystore that stores key pairs and secrets for issuers. The Identity Service depends on the vault service.
The main database used by Inji Certify and Inji Verify for storing configuration, credentials, and operational data.
A caching system in Inji Certify's infrastructure for improving performance.
A containerization format used to package and deploy Inji components. All Inji services have Docker images available for deployment.
An orchestration platform supported for production deployments of Inji components. Enables issuers to host and utilize the product at scale.
The architectural style used by Inji Certify with separate services for different functions (e.g., Identity Service, Schema Service, Credential Service).
An architectural approach used by Inji where components function independently, enabling seamless updates and scalability without affecting core functionality.
The visual representation of a credential in the wallet interface. Can be displayed as mini cards or full detail views.
A compact card display format showing essential credential information.
An expanded view of a credential showing all claims and metadata.
The three-dot menu (⋮) on credential cards providing quick access to actions like Share and Share with Selfie.
Fast access options available through the kebab menu on credential cards, including Share and Share with Selfie.
The process of retrieving a Verifiable Credential from an issuer and storing it in the wallet.
The process of securely backing up wallet credentials. Android uses Google Drive and iOS uses iCloud. Supports phone upgrades and app crash recovery.
The process of restoring previously backed up credentials to a wallet, typically after phone upgrades or app resets.
Security feature requiring a passcode to access the wallet app.
Security feature requiring biometric authentication (fingerprint, face) to access the wallet app on every open or session timeout.
Required authentication (biometric or passcode) to access the Inji Wallet application.
The duration after which the wallet requires re-authentication to continue use.
The ability to store and manage multiple credentials of different types in the same wallet. Users can have multiple credentials for the same purpose (e.g., two driver's licenses).
Organization of credentials by type (ID, insurance, education) in the wallet interface.
Recently downloaded or accessed credentials shown first in the wallet interface for quick access.
An entity that relies on credential verification to provide services. Inji Verify SDK provides components for relying party applications to integrate credential verification.
An entity integrated with eSignet that users can log into using their credentials. Users can log in to any service provider portal integrated with eSignet.
A service that provides identity authentication. eSignet serves as an identity provider for Inji-based authentication.
The sequence of steps for user authentication, typically involving unique ID entry and OTP verification through eSignet.
A method allowing users to log in to multiple services with a single set of credentials. SSO via QR Code enables scanning QR on service portal and sharing selected VCs after user consent.
A unique identifier for an application in OAuth/OIDC flows. Required for issuer and verifier configuration in mimoto-issuers-config.json and mimoto-trusted-verifiers.json.
An alias for the client used in OIDC configuration. Updated alongside Client ID in issuer configuration.
A URL where users are redirected after authentication. Configured for verifiers in mimoto-trusted-verifiers.json for online sharing.
A standardized endpoint (.well-known) where issuers publish their metadata including credential types and display properties.
The process of discovering OpenID Connect provider configuration from well-known endpoints.
An endpoint providing configuration information about an issuer or authorization server.
Android's hardware-backed keystore for secure cryptographic key storage. Inji Wallet stores private keys using Android Keystore, ensuring keys cannot be exported or tampered.
Apple's hardware-based security feature for cryptographic operations. Inji Wallet uses iOS Secure Enclave for private key storage with protection against export or tampering.
Apple's secure storage system for sensitive data. Secure Keystore uses iOS Keychain/Secure Enclave for key management.
Cloud backup option for Inji Wallet on Android devices. Users select their Google account for backup.
Cloud backup option for Inji Wallet on iOS devices. Uses the logged-in Apple account.
Apple's facial recognition system. Supported by Inji Wallet for biometric authentication.
Apple's fingerprint recognition system. Supported by Inji Wallet for biometric authentication.
Android's biometric authentication framework. Supported by Inji Wallet for app authentication.
A framework for building native mobile apps using React. Inji Wallet uses React Native 0.74.5 with Hermes Engine enabled.
A programming language for Android development. Inji provides Kotlin packages for components like VCI-Client, PixelPass, and Tuvali.
A programming language for iOS development. Inji provides Swift packages for components like VCI-Client, PixelPass, and Tuvali.
An application built specifically for a mobile platform. Inji Wallet is available as native apps for Android and iOS.
An application accessed through a web browser. Inji Web is a browser-based wallet accessible from any computer.
A technique to navigate users directly into a specific location within a mobile app. Used in same-device OpenID4VP flows.
The international standards organization responsible for the Verifiable Credentials Data Model that Inji implements.
The standards body responsible for SD-JWT specifications that Inji supports.
The standards body responsible for ISO 18013-5 (mDL) that Inji supports for mobile driving licenses.
The organization responsible for OpenID4VCI and OpenID4VP specifications that Inji implements.
The open-source community that governs Inji development. Contributions are welcome from the community, and questions can be posted in the MOSIP Community forum (community.mosip.io).
Logging provided by the Audit Plugin that tracks and logs actions within the system for auditing purposes.
Data collection for monitoring application usage and performance. Inji Wallet connects to a Telemetry Server (OBSRV_HOST) for analytics.
Deploying Inji components on cloud infrastructure. Supports flexible deployment options including cloud, on-premises, and hybrid.
Deploying Inji components on an organization's own infrastructure rather than cloud services.
A deployment model combining cloud and on-premises infrastructure.
An environment for experimentation and testing. Local development setup is intended for experimentation and user experience.
A deployment environment designed for production with Kubernetes cluster support, enabling issuers to host and utilize the product at scale.
Managing configuration through properties files and environment configuration. Configurable properties are maintained per deployment environment with environment-specific branches in repositories.
Configuration values set in the deployment environment. Inji Web connects with Mimoto using configuration in env.config.js file.
Kubernetes deployment packages available in helm folders for deploying Inji components on K8s clusters.
Credential rendering using Scalable Vector Graphics format. Inji Wallet supports SVG-based credential rendering for Data Model 2.0 VCs, preserving the original design, layout, and branding of credentials. Ensures displayed information directly corresponds to cryptographically verified credential data.
Templates for different VC types managed by the Template Engine. Inji Certify includes renderMethod parameter in credential metadata instructing wallets on credential visual rendering.
Templates stored by the Credential Schema Service that define how credentials are visually displayed.
The process of displaying credentials as visual cards in the wallet interface.
Creating QR codes from credential data. PixelPass provides generateQRCode function that takes data, ECC (Error Correction Level), and header to return a base64 encoded PNG image.
Reading QR codes using device camera. Users can easily scan QR codes embedded within documents. Devices should have at least 12 megapixels camera with 1020p quality for optimal results.
Uploading QR code images for verification rather than scanning. Users can upload QR codes or documents with QR codes printed on them.
The compression and encoding process used by PixelPass: Compressed > CBOR Encoded > Base45 Encoded.
Reducing data size for efficient QR code generation. PixelPass uses zlib compression with the highest compression level (level 9).
Metadata provided by issuers including credential display name, logo, background color, background image, and text color for rendering credentials.
The ability to download and manage credentials from multiple issuers in the same wallet. Mimoto provides APIs to get a list of issuers and retrieve configuration for specific issuers.
A wallet capable of storing multiple types of credentials. Inji Mobile Wallet streamlines all types of identification and credentials into one digital wallet.
The ability of credentials and systems to work across different platforms and ecosystems. By adhering to open standards, Inji ensures credentials are portable and verifiable across different ecosystems.
The ability to use credentials across different systems and platforms. W3C VC format is not proprietary to Inji and credentials are verifiable by systems outside the MOSIP ecosystem.
Avoiding dependence on a single vendor's technology. Inji is open-source with no licensing fees and credentials work across different platforms.
Inji is governed by MOSIP with community contributions. Check contribution guidelines to learn how to contribute code.