SVX Documentation
Current
Ask or search…
K
Links
Comment on page

Supported Standards

Meeco is actively following and where possible contributing in standardisation efforts of the leading groups in the identity, personal data space. This page lists the currently supported standards within the platform.

Standard Bodies

Standards

Component
Open Specifications / Standards
Standard Body
Credential Data Model
W3C
Credential Data Format
JSON Web Token VC (JWT-VC) - signed as JWS (RFC7515)
W3C, IETF
Credential Presentation
DIF
Credential Presentation Transfer Protocol
OIDF
Credential JSON Schema
W3C
DID Authentication
OIDF
Identifier Data Model
W3C
Entity Identifier (NP)
did:key
W3C
Entity Identifier (NP)
did:jwk
-
Entity Identifier (NP,LE)
did:ebsi
EBSI
Entity Identifier (NP,LE)
HBAR
Entity Identifier (LE)
did:web
W3C
Revocation
DIF
M2M/User Authentication
The OAuth 2.0 Authorization Framework - Code flow, client credentials flow
IETF
User Authentication
IETF

Supported Algorithms

JWS Signature

Following key types are supported for JWS verification. The subset of supported "JWS Algorithms" are part of IANA - JSON Web Signature Algorithms registry.
JWS Algorithm
Key Type
ES256
ECDSA using P-256 and SHA-256
ES256K
ECDSA using secp256k1 and SHA-256
EdDSA
EdDSA using Ed25519 and SHA-256

Master Encryption Key Algorithms

Following algorithms are supported when generating derived keys. Used as defined in NIST - Master Key.
Key Type
PBKDF2HMAC

Key Encryption Algorithms

Following algorithms are supported when encrypting other keys at rest and in transit. Used as defined in NIST - Key-Encryption-Key.
Key Type
AES-256-GCM

Keypairs

Following keypair algorithms are supported for exchanging keys between parties. Used as defined in NIST - Key pair.
Key Type
RSA-4096

Data Encryption Algorithms

Following algorithms are supported when encrypting data at rest and in transit. Used as defined in NIST - Data Encryption Key.
Key Type
AES-256-GCM

Supported OAuth Authentication Flows

Following flows are supported by the platform.

OAuth Code Flow & PKCE

The Enterprise Portal uses a code flow in conjunction with Proof Key for Code Exchange (PKCE) for secure authentication of (admin)users logging into the portal.

Client Credentials Flow

Organisations building services on top of the SVX API can use the Enterprise Portal to create an application to enable machine to machine communication. The application allows access to a Client ID and Secret to perform the client credentials flow. The access token enables organisations to access the resources linked to that organisation.
Last modified 25d ago