Release Notes

0.4.0

Features


Authentication

Login Token Security

  • Provide signing and verification keys for login tokens securely stored in an external AWS Key Management Service (KMS). Learn more here

Issuer API

Support for OpenID4VCI Draft 11 & 13

  • The Enterprise Issuer API now supports OpenID4VCI Draft 11 and Draft 13, focusing on the PreAuthorized Code Flow. Users can provide an optional standardVersion parameter in the issuance request to specify the required protocol version, DRAFT11 or DRAFT13. If omitted, DRAFT13 will be used.

Authorization Code Flow in Issuer API

  • The Issuer API now supports the authorization code flow using ID_TOKEN and VP_TOKEN as authentication methods for OpenID4VCI Draft 11 and 13. This new feature introduces an authenticationMethod parameter in the /credentials/issue request, allowing for explicit specification of the desired authentication method.

Breaking Changes

Verifier API Presentation Definition Policy

  • The implementation has been corrected to include the "vc" part in compliance with the Presentation Exchange Specification v2.0.0. The previous implementation was incorrect because the evaluation of JSON paths starts from the root of the JWT claims segment. In the case of JWT VC JSON for the W3C VC Data Model v1.1, this segment contains a vc property where the credential data exists.
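
The following added example (not code from the project) illustrates the change: a presentation definition field whose path omits the vc segment does not match when evaluation starts at the root of the JWT claims, while the same field with `$.vc.` does. The claims, the field definitions and the helper names `resolve`, `matches` and `field_satisfied` are constructed for illustration, and only a small subset of JSONPath and of JSON Schema filters is implemented.

```python
import re

# Constructed JWT claims of a W3C VC Data Model v1.1 credential in JWT VC JSON
# form (sample values, not taken from a real credential).
JWT_CLAIMS = {
    "iss": "did:example:issuer",
    "sub": "did:example:holder",
    "vc": {
        "type": ["VerifiableCredential", "UniversityDegree"],
        "credentialSubject": {"degree": {"name": "BSc"}},
    },
}

STEP = r"\.([A-Za-z_][\w-]*)|\[(\d+)\]"

def resolve(path, doc):
    """Evaluate a JSONPath subset ($.a.b and [n]) from the root of doc.
    Returns (found, value)."""
    if not re.fullmatch(r"\$(?:%s)*" % STEP, path):
        raise ValueError("unsupported path: " + path)
    node = doc
    for name, index in re.findall(STEP, path[1:]):
        if name:
            if not isinstance(node, dict) or name not in node:
                return False, None
            node = node[name]
        else:
            if not isinstance(node, list) or int(index) >= len(node):
                return False, None
            node = node[int(index)]
    return True, node

def matches(filt, value):
    """Subset of JSON Schema filters: const, pattern, contains."""
    if "const" in filt:
        return value == filt["const"]
    if "pattern" in filt:
        return isinstance(value, str) and re.search(filt["pattern"], value) is not None
    if "contains" in filt:
        return isinstance(value, list) and any(matches(filt["contains"], v) for v in value)
    return True

def field_satisfied(field, claims):
    """A field is satisfied when any of its paths resolves and passes the filter."""
    for path in field["path"]:
        found, value = resolve(path, claims)
        if found and matches(field.get("filter", {}), value):
            return True
    return False

DEGREE = {"type": "array", "contains": {"const": "UniversityDegree"}}
FIELD_WITHOUT_VC = {"path": ["$.type"], "filter": DEGREE}   # no longer matches
FIELD_WITH_VC = {"path": ["$.vc.type"], "filter": DEGREE}   # matches JWT VC JSON
```

Existing presentation definitions written against the credential body directly need their paths prefixed with `$.vc` to keep matching JWT VC JSON credentials.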

0.3.0

Features

  • Issuer Service OpenID metadata display information - Learn more
  • Verifier Service client display information - Learn more
  • Login Token Expiration Config Options (Accounts & Super Admins) - Learn more
  • API Key Expiration Options - Learn more
  • Issuer callback support - Learn more

Fixes

  • Remove MongoDB password from appearing in logs
  • Fix double slash issue in OIDC issuer offer URL

Breaking Changes


0.2.0

Features

  • KMS Service: AWS integration now offers instance Auth Authentication
  • API Service: Added List API keys endpoint
  • Truststore MongoDB SSL configuration
  • Added list accounts for each tenant endpoint
  • Added list accounts for each organization endpoint

Improvements

  • Automatically add basic organization endpoint information to OpenAPI docs
  • Showcase required permissions on SWAGGER Docs API endpoints
  • Import / delete key feature from waltid-crypto keys in KMS service
  • Improved error handling & messages

Fixes

  • Fix API key role assignment
  • Fix edge case of a NullPointer from the database when the default admin role is deleted and it was the user's only role
  • Fix illegal character issue (wrong verifier openapi docs)