SDK and API Surface
API Baseline
APIS integrations rely on a small set of canonical endpoints:
POST /v1/issuance/noncePOST /v1/passportsGET /v1/passports/{passport_did}PATCH /v1/passports/{passport_did}/statusPOST /v1/passports/{passport_did}/revokeGET /.well-known/openid-configurationGET /.well-known/jwks.json
Artifacts
Verifier SDK Responsibilities
A verifier-oriented SDK should implement:
- discovery metadata retrieval
- JWKS caching and rotation handling
- signature verification for passport/mandate/action
- revocation nonce checking
- policy and scope enforcement hooks
Issuer SDK Responsibilities
An issuer-oriented SDK should provide:
- nonce generation and lifecycle handling
- proof-of-possession verification
- DID and fingerprint generation
- credential minting and status transitions
- immutable audit event publishing
Compatibility Guidance
Treat schemas in /spec/*.json|yaml as contract artifacts and pin versions in your integration pipeline.