Show Me Your Wallet to Tell Me Who You Are - Using Verifiable Credentials with OAuth

A talk given by Daniel Lindau from Curity at Nordic APIs 2024 Platform Summit.

Traditionally, authentication requires an authority, the Identity Provider (IdP) that is more or less involved in every interaction of a user with a (new) application. What is more, the IdP commonly collects and shares personal data about the user with the application. However, the paradigm is about to change with Decentralized Identifiers and Verifiable Credentials emerging, giving users more control over their identity. OAuth is the latest and currently greatest web protocol for authentication and authorization - and it lends itself well to self-sovereign identities. This talk covers: The roles in a decentralized identity system Some use-cases for Verifiable Credentials How the OAuth protocol enables self-sovereign identities