- SAP Managed Tags
In today’s interconnected digital landscape, secure and decentralized identity management is crucial for seamless and trusted data exchange. To facilitate this, SAP provides Decentralized Identity Verification, a Self-Sovereign Identity (SSI) wallet solution that enables organizations to participate in data spaces like Catena-X. This solution serves as a decentralized identity verification mechanism, ensuring that participants can exchange data securely while maintaining control over their credentials and identity.
In this blog, we will walk you through the steps to prepare an SSI wallet for a Catena-X participant, enabling efficient and trusted participation in a data space.
Getting Started with an SSI Wallet for Catena-X
After a tenant of Decentralized Identity Verification is created (partner setup), the following steps have to be completed:
1. Create an Application
An application in Decentralized Identity Verification is used to logically separate information in the wallet. This allows organizations to manage verifiable credentials, identities, and trust lists in a structured manner. To create an application:
- Access the Admin UI.
- Navigate to the Configuration section where the application can be created.
- Specify a name for the application.
- Optionally, provide a description and select a color.
Alternatively, the application can be created via the API using the following example:
POST {serviceUrl}/api/v2.0.0/applications
Content-Type: application/json
Authorization: Bearer {token}
{
"payload": {
"application": "Dataspace",
"description": "Dataspace information",
"colorAccent": 7
}
}
2. Create an Identity
Once the application is set up, the next step is to create an identity. Identities can be created in the Admin UI under the Identity section. Users must choose whether to create a preconfigured identity or specify all details manually.
For participation in the dataspace, the pre-configuration with IATP/DCP should be selected. After this selection, the user must specify a name for the identity. Optionally, a URL can be provided where the DID Document will be hosted. If no URL is specified, Decentralized Identity Verification will host the DID Document automatically.
The identity must also be linked to an application that was created in Step 1. If the identity is not used in an issuer use case, there is no need to create a revocation list.
Alternatively, the identity can be created via the API using the following example:
POST {serviceUrl}/api/v2.0.0/companyIdentities
Content-Type: application/json
Authorization: Bearer {token}
{
"payload": {
"bootstrap" : {
"hostingURL" : "https://example.com/user/1/did.json",
"name": "Company Identity",
"description": "Company Identity ",
"protocols": ["dcp-holder"],
"applications": ["dataspace"]
}
}
}By following these steps, organizations can ensure a structured and secure approach to managing identities and credentials within Catena-X using SAP’s Decentralized Identity Verification solution.
If you choose to publish the DID Document on your website, you must first download it and upload it to the specified location. Once the DID Document is accessible, the company identity is ready for use.
Conclusion
With the described steps, a company identity is successfully created and ready for use in a dataspace to securely share data. The identity service endpoint for sharing credentials and the authentication key are included in the DID Document, allowing communication partners to inspect and verify the identity. This ensures a trusted and interoperable environment for seamless data exchange.
Next Step:
-
Read more
| User | Count |
|---|---|
| 54 | |
| 19 | |
| 18 | |
| 11 | |
| 11 | |
| 6 | |
| 5 | |
| 5 | |
| 5 | |
| 5 |
