IDP Kit configuration and setup

To setup the IDP Kit a few things may need to be considered and some configuration may be required, depending on your situation.

Data root

Configuration and data are kept in sub folders of the data root (by default the current working directory):

• config/

• data/

To override the data root, one can set the environment variable:

WALTID_DATA_ROOT

Command line interface - CLI

In the following sections you will find examples using the command line interface.

Refer to CLI | Command line interface for basic instructions of using the command line interface.

Submodule configuration

The IDP Kit consists of multiple submodules, which need to be configured according to your requirements:

• OIDC Manager

  • Provides standard OIDC API endpoints, for communication with client applications

• SIOP Manager

  • Provides presentation exchange and verification with SSI wallets via the OIDC/SIOP protocol

• NFT Manager

  • Provides communication with NFT wallets and verification of NFT collections and traits

Binding address and port

By default, the IDP Kit exposes its API endpoints bound to localhost on port 8080.

To override the default bindings, set the following environment variables:

WALTID_WALLET_BACKEND_BIND_ADDRESS

WALTID_WALLET_BACKEND_PORT

Note: these variables are inherited from Wallet Kit, which is why they have the term WALLET in it.

Command arguments

To set binding address and port, you can also use the command arguments of the run command like so:

To set the bind address to "192.168.0.1" and the port to 8081:

waltid-idpkit run -b "192.168.0.1" -p 8081

To bind to all interfaces (on the default port):

waltid-idpkit run --bind-all

NFT Kit JS

The IDP Kit needs to communicate with the NFT Kit JS to process the NFT authorization request. You need to run an NFT Kit JS instance and specify which URL is accessible.

"jsProjectExternalUrl":"http://localhost:4000",

API Keys for NFT verification

The underlying NFT Kit needs a configuration file to be able to verify NFTs for the IDP Kit. Therefore, you need to create a walt.yaml file in the root folder of the IDP Kit.

Only two values must be updated. One of the providers, depending on the network, where the NFT collection is lying and alchemy under the apiKeys section. The privateKey just holds a placeholder value and can stay as it is.

hikariDataSource:
  jdbcUrl: jdbc:sqlite:data/walt.db
  maximumPoolSize: 5
  autoCommit: false
  dataSource:
    journalMode: WAL
    fullColumnNames: false

azureKeyVaultConfig:
  baseURL:
  id:
  secret:

providers:
  ethereum: "ethereum"
  goerli: "goerli"
  polygon: "polygon"
  mumbai: "mumbai"

privateKey: "bd4cb3e507f342ee3a710370cef39dda48f17b0a158b0b8dddf000fbd5b2c2d9"


apiKeys:
  ethereumBlockExplorer: ""
  polygonBlockExplorer: ""
  alchemy: "alchemy_api_key"
  nftstorage: ""

providers: a list of URLs to RPC node provider for every network. You can get them either from Infura or Alchemy.

Examples:

• https://rinkeby.infura.io/v3/0184192d0fd9423b52322d79eca162b2

• https://polygon-mumbai.g.alchemy.com/v2/yjbYhlaH3U_vfnTiRQ3miGQS0cKwQMGh

alchemy:an API key from Alchemy.