baseid-oid4vci
The OID4VCI crate implements the OpenID for Verifiable Credential Issuance protocol, enabling wallets to obtain credentials from issuers over HTTPS.
Installation
Section titled “Installation”[dependencies]baseid-oid4vci = "0.1.0-alpha.1"Issuer Metadata
Section titled “Issuer Metadata”use baseid_oid4vci::metadata::IssuerMetadata;
let metadata = IssuerMetadata { credential_issuer: "https://issuer.example.com".into(), credential_endpoint: "https://issuer.example.com/credential".into(), credentials_supported: vec![/* ... */], // ...};Credential Offer
Section titled “Credential Offer”The issuer creates a credential offer for the wallet:
use baseid_oid4vci::offer::CredentialOffer;
let offer = CredentialOffer { credential_issuer: "https://issuer.example.com".into(), credential_configuration_ids: vec!["UniversityDegree".into()], grants: Some(grants),};
let offer_uri = offer.to_uri()?;// "openid-credential-offer://..."Wallet Flow
Section titled “Wallet Flow”use baseid_oid4vci::wallet::Oid4vciWallet;
// 1. Parse the offerlet offer = CredentialOffer::from_uri(&offer_uri)?;
// 2. Fetch issuer metadatalet metadata = Oid4vciWallet::fetch_metadata(&offer.credential_issuer).await?;
// 3. Obtain access tokenlet token = Oid4vciWallet::token_request(&metadata, &grant).await?;
// 4. Request the credentiallet credential = Oid4vciWallet::credential_request(&metadata, &token, &proof).await?;Supported Grant Types
Section titled “Supported Grant Types”| Grant Type | Description |
|---|---|
| Pre-Authorized Code | Issuer provides a code out-of-band (e.g., QR code) |
| Authorization Code | Standard OAuth 2.0 authorization flow |