Verifiable Credentials (VC)

The iSHARE Trust Framework supports Verifiable Credentials adhering to W3C Verifiable Credentials Data Model 2.0 as a technical standard for representing verifiable identity, adherence, and authorisation information.

This functionality complements the existing OAuth 2.0 and OpenID Connect 1.0 standards within iSHARE, offering an additional, decentralised mechanism for establishing trust across data spaces. VCs enable flexible use across both machine-to-machine (M2M) and human-to-machine (H2M) contexts.

Associated Protocols

The iSHARE specifications refers to following standards to enable issuance and verification of the VCs:

• For human-to-machine interaction:

  • OpenID for Verifiable Credential Issuance (OID4VCI): defines how credentials are securely issued using OAuth 2.0-compatible flows.

  • OpenID for Verifiable Presentations (OID4VP): defines how holders present credentials and how verifiers validate them in a standardised request/response exchange.

• For machine-to-machine interaction:

  • Decentralized Claims Protocol (DCP): defines how credentials are issued and presented in a data space machine-to-machine context.

These protocols ensure that credential flows integrate seamlessly with iSHARE authorisation flows while remaining interoperable with external wallets and identity ecosystems such as eIDAS 2.0.

Backwards Compatibility and Hybrid Use

To maintain backward compatibility, iSHARE supports a hybrid trust model where either Verifiable Credentials or existing JWT-based tokens can be used.

This allows gradual adoption of VC-based trust interactions without disrupting existing authorisation and identity processes.