Trust anchors, programmable

Integrations

Broker, Credential Issuer, and eIDAS Verifier compose with Trust Registry on every presentation.

Every verifier in the Thoryn fabric talks to Trust Registry on every presentation. Here's the full composition.

Trust Registry composition with Broker, Credential Issuer, eIDAS Verifier, and VCT Registry — Trust Registry sits behind every verifier in the catalog — Broker, eIDAS Verifier, TrustGate — and complements VCT Registry on the issuer-metadata side.

Thoryn catalog composition

Trust Registry + Broker

Pattern: Broker calls the registry on every presentation to resolve issuer JWKS and trust status. Revoke an issuer at the registry → every Broker verifier rejects within seconds.

Trust Registry + Credential Issuer

Pattern: Issuers publish their JWKS to the registry (auto-registration on roadmap). The registry becomes the discovery surface for verifiers: given an issuer identifier, return the signing keys.

Trust Registry + eIDAS Verifier

Pattern: eIDAS Verifier is the member-state-qualified verifier path. It reads the EU Trusted Lists via the registry; qualified presentations chain through the registry to the member-state root of trust.

Trust Registry + TrustGate

Pattern: TrustGate delegates verification to Broker, which in turn uses the registry. Physical access doors thus inherit the registry's trust decisions without carrying cached keys.

Trust Registry ↔ VCT Registry (complementary)

Pattern: Trust Registry answers 'who can issue?'. VCT Registry answers 'what are they issuing?'. Admin UIs cross-link so operators can navigate from an issuer entry to the VCTs they're authorised for, and vice versa.

Also on Trust Registry

Ready to govern trust?

Request access to stand up your own Trust Registry and connect it to Broker.

Get started Book a demo