Issuance, programmable

Integrations

Credential Issuer sits upstream of every verifier. Here's how it composes with the rest of the Thoryn fabric.

Credential Issuer is upstream of every verifier. Here's how it composes with the rest of the Thoryn catalog.

Credential Issuer with Trust Registry, Hub, Broker, wallets, and eIDAS Verifier — Issuer at the centre; Trust Registry above supplies JWKS, holders to the right receive, verifiers below consume.

Thoryn catalog composition

Credential Issuer + Hub

Hub federates user authentication for the auth-code flow (roadmap). Operators who need user-initiated issuance redirect to Hub, receive an ID token, then mint the credential.

Credential Issuer + Trust Registry

Trust Registry publishes the issuer's JWKS so verifiers can resolve the signing key. JWKS auto-registration is on roadmap; today the operator registers manually.

Credential Issuer + Broker

Credential Issuer mints; Broker verifies. Both share SD-JWT VC. The cross-product end-to-end test fixture mints, presents, and verifies in CI.

Credential Issuer + Cloud Wallet

Cloud Wallet receives credentials via standard OID4VCI. No issuer-side configuration — Cloud Wallet is just another holder.

Credential Issuer + Native Wallet SDK

The SDK's receive() call against the issuer's offer URL. Protocol-pure — nothing issuer-specific.

Credential Issuer + VCT Registry

Credential templates reference VCT URLs. VCT Registry serves the type metadata (display info, claim schema). Wallets resolve VCTs for display; verifiers resolve for validation.

Credential Issuer + eIDAS Verifier

For qualified issuance, the issuer's signing key must chain to the eIDAS trust list. eIDAS Verifier consumes these credentials on the verifier side.

Also on Credential Issuer

Ready to become an issuer?

Request access to mint SD-JWT VC credentials with templates, revocation, and multi-tenant isolation.

Get started Book a demo