#Service Catalog

Services provide the functional capabilities for decentralized identity and ID wallets. They live inside tenants or sub-tenants, and each instance gets its own configuration so you can run multiple variants of the same service (for example, one issuer for W3C VCs and another for SD-JWT VCs). Use this catalog once you know which capability you want to deploy and need the corresponding guide.

#Need a different starting point?

#How the catalog is organized

The list below is split into operational services (they handle the runtime operations–issuance, verification, wallet actions) and storage & registry services (they persist state and expose it). Pick whichever category matches the capability you’re looking for, then dive into the linked guide.

#Operational services

• KMS Service - Manage cryptographic keys for signing and encryption workloads.
• Issuer2 Service - Sign & issue digital credentials (W3C VC, SD-JWT VC, mDL) using the OpenID4VCI 1.0 specification.
• Issuer Service - Sign & issue digital credentials (W3C VC, SD-JWT VC, mDL) with Draft 11, 13 OpenID4VCI specifications.
• Verifier2 Service - Request & verify digital credentials using the OpenID4VP 1.0 specification.
• Verifier Service - Request & verify digital credentials using the OpenID4VP Draft14, 20 specifications.
• Wallet Service - Run identity wallets for individuals or organizations. Supports Draft 11, 13 OpenID4VCI specifications + Draft 14, 20 OpenID4VP specifications + OpenID4VP 1.0 specification.
• DID Service - Create decentralized identifiers across supported DID methods.
• Credential Status Service - Manage credential status lists (revocation, suspension, etc.).

#Storage & registry services

• DID Store Service - Store and manage DIDs and DID documents.
• Credential Store Service - Store and query issued credentials.
• Holder Policy Store Service - Store and manage holder policies for silent issuance or wallet-driven verification.
• DID Registry - Host did:web documents and expose them over HTTPS.