Overview
The SIROS ID platform is an open-source, multi-tenant digital credentials platform built around the OpenID4VC ecosystem. It enables organizations to issue, manage, and verify digital credentials following EU Digital Identity Wallet (EUDIW) standards.
Architecture
How it works:
-
Issuance: Your identity provider authenticates users, and the issuer creates digital credentials stored in user wallets.
-
Verification: When users access your application, they present credentials from their wallet. The verifier validates them and returns standard OIDC tokens to your app.
-
Trust: Go-Trust provides unified trust evaluation via AuthZEN, querying ETSI Trust Lists, OpenID Federation, and DID documents.
Core Components
| Component | Description | Learn More |
|---|---|---|
| Issuer | Creates and signs digital credentials using OID4VCI protocol | Issuer Integration |
| Credential Manager | wwWallet-based wallet for storing and presenting credentials | Credential Manager |
| Verifier | Validates credentials and provides OIDC/OID4VP interfaces | Verifier Integration |
| Trust Framework | OpenID Federation and ETSI TSL support for trust validation | Trust Architecture |
| Credential Type Registry | Aggregated credential type metadata | registry.siros.org |
Supported Standards
| Standard | Description | Use Case |
|---|---|---|
| OID4VCI | OpenID for Verifiable Credential Issuance | Credential issuance flows |
| OID4VP | OpenID for Verifiable Presentations | Credential verification |
| SD-JWT VC | Selective Disclosure JWT Verifiable Credentials | EUDIW credential format |
| ISO 18013-5 | Mobile driving license standard (mDL/mDoc) | Mobile documents |
| Digital Credentials API | W3C Digital Credentials API | Browser-native flows |
| Token Status Lists | Credential revocation mechanism | Status checking |
Credential Formats
| Format | Selective Disclosure | Status | Primary Use |
|---|---|---|---|
| SD-JWT VC | ✅ Yes | Recommended | EU Digital Identity |
| mDL/mDoc | ✅ Yes | Supported | Mobile documents |
| JWT VC | ❌ No | Legacy | Compatibility |
Deployment Options
| Option | Description | Best For |
|---|---|---|
| Hosted | Use SIROS ID cloud services | Quick start, SaaS model |
| Self-Hosted | Deploy in your infrastructure | Data sovereignty, on-premise |
| Hybrid | Mix hosted and self-hosted | Flexible requirements |
Getting Started
Quick Start Guide – Get up and running in under 15 minutes
Integration Guides
| Area | Guide | Description |
|---|---|---|
| Issuance | Issuing Credentials | Core guide for credential issuance |
| SAML IdP | Connect SAML identity providers | |
| OpenID Connect Provider | Connect OIDC providers | |
| Verification | Verifying Credentials | Core guide for credential verification |
| OpenID Connect RP | Integrate with OIDC applications | |
| Trust | Trust Services | Configure trust frameworks |
Demo Environment
A SIROS ID demo environment is available for testing:
| Service | URL |
|---|---|
| Wallet | id.siros.org |
| Demo Verifier | https://main.demo.verifier.id.siros.org |
| Demo Issuer | https://main.demo.issuer.id.siros.org |
SIROS ID hosted services use subdomain-based multi-tenancy:
- Wallet:
https://id.siros.org/<tenant> - Verifiers:
https://<instance>.<tenant>.verifier.id.siros.org - Issuers:
https://<instance>.<tenant>.issuer.id.siros.org
Source Code
- Issuer/Verifier: github.com/SUNET/vc
- Wallet: github.com/wwWallet
- Trust Services: github.com/sirosfoundation/go-trust
Support
- 📧 Email: support@siros.org
- GitHub Issues: For technical issues and feature requests