The Issuing Service (M5) implements OpenID for Verifiable Credential Issuance, converting attributes from the national E-ID of Austria (ID Austria) into wallet credentials. Login at the issuing service with username and password from ID Austria test credentials (or use your national E-ID via eIDAS) to generate a QR Code containing a credential offer for your Wallet App.
The Relying Party implements several use cases from Potential LSP as well as a generic remote authentication flow for wallets. The service generates QR Codes according to OpenID for Verifiable Presentations to start a cross device flow and renders links to start a same device flow. The verifier also links to an "online" or "remote" wallet, where the user can perform authentication directly in the browser, i.e. attribute data are loaded from ID Austria and are converted on-the-fly into wallet credentials. We've also published a very simple Relying Party Demonstrator project based on Spring Boot.
Download Valera, our open source Kotlin compose multiplatform wallet app, for Android and install it on your device running Android 10 or above. For the iOS version of the app, you might join our Testflight.
To load credentials in your app, please use the backend service at https://wallet.a-sit.at/m5/, which should be pre-selected in the app. Proceeding in the app should open a login page, where you can select "ID Austria" and then use username and password from the list of ID Austria test credentials (or use your national E-ID via eIDAS) to load attribute data. The browser should redirect you back into the wallet app, where the selected credential is loaded.
The wallet app can then be used to authenticate at compatible verifiers by scanning a QR code or getting invoked directly by clicking a link. It works quite well with our own relying party.
The app has been last updated on 2025-01-15 to version 5.4.3.
Visit A-SIT Plus Open Source to have a look at the libraries powering the services mentioned above, in particular Signum for cryptography and VC-K for the credentials.
We've implemented the relevant standards like OID4VCI, OID4VP, SIOPv2, as well as relevant profiles from Potential and OpenID4VC HAIP. We can't make guarantees that everything is correct one-hundred percent. See the VC-K readme for some sample requests and responses.