swiyu using ASP.NET Core and Microsoft Aspire

Basic setup to issue and verify swiyu credentials using the swiyu public beta, ASP.NET Core and Aspire.

Demo

Blogs

• Issue and verify credentials using the Swiss Digital identity public beta, ASP.NET Core and .NET Aspire
• Use swiyu, the Swiss E-ID to authenticate users with Duende and .NET Aspire
• Implement MFA using swiyu, the Swiss E-ID with Duende IdentityServer, ASP.NET Core Identity and .NET Aspire
• Implement forgot your password using swiyu, ASP.NET Core Identity and Aspire

Blogs loa, loi

• Digital authentication and identity validation
• Set the amr claim when using passkeys authentication in ASP.NET Core
• Implementing Level of Authentication (LoA) with ASP.NET Core Identity and Duende
• Implementing Level of Identification (LoI) with ASP.NET Core Identity and Duende
• Force step up authentication in web applications
• Use client assertions in ASP.NET Core using OpenID Connect, OAuth DPoP and OAuth PAR
• Secure the swiyu container using a YARP proxy
• Add Application security to the swiyu generic management verifier APIs using OAuth

Architecture overview

Getting started:

• swiyu
• Dev docs
• Changelog

Podman

https://podman-desktop.io/docs/troubleshooting/troubleshooting-podman

podman machine start

ef DB Migrations

dotnet ef migrations add InitialCreate
dotnet ef database update

Used OSS packages, containers, repositories

• ImageMagick: https://github.com/manuelbl/QrCodeGenerator/tree/master/Demo-ImageMagick
• Microsoft Aspire: https://learn.microsoft.com/en-us/dotnet/aspire/get-started/aspire-overview
• Net.Codecrete.QrCodeGenerator: https://github.com/manuelbl/QrCodeGenerator/
• swiyu
  • ghcr.io/swiyu-admin-ch/swiyu-issuer
  • ghcr.io/swiyu-admin-ch/swiyu-verifier

Swagger

https://swiyu-issuer.redpebble-62dbc6b1.switzerlandnorth.azurecontainerapps.io/swagger-ui/index.html https://swiyu-verifier.redpebble-62dbc6b1.switzerlandnorth.azurecontainerapps.io/swagger-ui/index.html

Links

https://swiyu-admin-ch.github.io/

https://www.eid.admin.ch/en/public-beta-e

https://learn.microsoft.com/en-us/dotnet/aspire/get-started/aspire-overview

https://www.npmjs.com/package/ngrok

https://swiyu-admin-ch.github.io/specifications/interoperability-profile/

https://andrewlock.net/converting-a-docker-compose-file-to-aspire/

https://swiyu-admin-ch.github.io/cookbooks/onboarding-generic-verifier/

https://github.com/orgs/swiyu-admin-ch/projects/2/views/2

Standards

https://identity.foundation/trustdidweb/

https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html

https://openid.net/specs/openid-4-verifiable-presentations-1_0.html

https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/

https://datatracker.ietf.org/doc/draft-ietf-oauth-sd-jwt-vc/

https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list/

https://www.w3.org/TR/vc-data-model-2.0/