GitHubCommunityWhat's NewContact Us

Version 0.15.0

Release Name: Inji Verify v0.15.0

Support: Developer Release

Release Date: Coming Soon

Overview

We are excited to announce the release of Inji Verify v0.15.0. This version introduces support for the SD-JWT format across all existing features including QR code scanning, QR upload, and Verifiable Presentation (VP) verification on both same-device and cross-device modes.

New Features

1. OpenID4VP Same-Device flow via deeplink: Inji Verify now supports the OpenID4VP Same Device Flow, allowing verifier and wallet to operate on the same mobile device.

  • Verifier sends an Authorization Request with presentation_definition via deep link.

  • Wallet authenticates the user, collects consent, and returns a vp_token via redirect (response_mode=direct_post).

  • Inji Verify parses the vp_token, validates credentials, and displays results with statuses: Valid, Valid but Expired, Invalid.

  • Multiple VCs displayed in card format, expandable details, color-coded statuses, and JSON download option.

  • This feature provides a seamless, app-like experience on same mobile device without requiring a second device.

2. Inji Verify SDK- OpenID4VP- VP verification component where same device flow (point 1) functionality is incorporated

  • Modular NPM Package: : Released as a standalone TypeScript component for seamless integration into verifier/relying party apps.

  • Easy Integration: Comes with a step-by-step integration guide and README.​

  • Compatibility: Supported for React + TypeScript verifier apps (React 18.2.0); broader framework/language support planned in future releases.

Note: The Inji Verify UI is a reference implementation to demonstrate orchestration. Developers can selectively embed SDK components in the verifier applications as per their needs.

Additional Enhancements:

1. OpenID4VP – QR Codes via request_uri: Inji Verify now supports QR codes that reference the Authorization Request via request_uri instead of embedding it directly.

  • Wallets resolve the request by performing an HTTP GET to the hosted request object.

  • This reduces QR code size, improves security (request hosted on trusted verifier servers), and alignment with OpenID4VP best practices.

2. DID-based client_id: Aligned with OpenID4VP Draft 23, Inji Verify now supports DID-based client_id values, replacing the deprecated client_id_scheme. This improves interoperability and trust through decentralized identifiers.

3. VP verification results display:

  • Verification results now display all originally requested credentials, including any newly shared after a missing credential prompt.

  • Status clearly shown (Valid, Invalid, Valid but Expired) with completion confirmation once all checks are done.

Repositories: Released/Dependent

Repositories
Tags: Released/Dependent

Inji Verify

v0.14.0

Projects: Released

Inji Verify Repositories: 4 projects (all these projects are of same version) as below:

  1. Inji Verify Service - 0.14.0 Inji Verify service

  2. Inji Verify UI (ref implementation) - https://github.com/mosip/inji-verify/tree/release-0.14.x/verify-ui

  3. SDK - https://github.com/mosip/inji-verify/tree/release-0.14.x/inji-verify-sdk

  4. API-Test - https://github.com/mosip/inji-verify/tree/release-0.14.x/api-test

Compatible modules

The following table outlines the tested and certified compatibility of Inji Verify 0.14.0 with other modules.

Module
Version

Inji Mobile Wallet

0.18.0

Inji Web Wallet

0.13.0

Pixel-Pass library

v0.6.0

vc-verifier library

v1.4.0

Known Issues

Below is a list of some key known issues. For a detailed overview and the complete list of issues related to Inji Verify, please click here.

Jira ID
Description

INJIVER-1061

In OpenID4VP (Cross device) component, after scanning the health insurance QR code in the injiwallet app, it is displaying the life insurance VC.

INJIVER-1131

The OpenID4VP (Cross device) component in Inji Verify currently validates a presentation as successful even when a wrong Verifiable Credential (VC) is submitted. As a temporary workaround, implement credential type validation on the Relaying Party (RP) side, by verifying that the received VC matches the expected type defined in the original presentation_definition.

INJIVER-1062

We are uploading an invalid QR code, and while it displays an error message stating that the QR code is invalid, the credential details are still visible.

INJIVER-1063

On iPhone 8 and iPhone 7, uploading the Injiweb QR code PDF shows an error message.

INJIVER-625

Inji Verify - Upload not functioning on Mac Safari Browser Versions 16 and below.

INJIVER-1194

INJI Verify SDK should be able to support integration with applications built on platforms beyond React (Typescript) applications, such as Angular, PHP, and others.

INJIVER-1220

User friendly error message is not displayed for expired session scenario.

INJIVER-1069

The MOSIP UIN VCs generated via reg-client are currently not verifiable through INJI Verify.

INJIVER-979

Long-polling listeners are implemented within the service layer, preventing the backend from scaling effectively in a multi-pod (distributed) environment.

User Stories

Jira ID
Description

INJIVER-526

OpenID4VP Same-Device flow via deeplink, allowing verifier and wallet to operate on the same mobile device.

INJIVER-1127

Integrate OpenID4VP- VP verification component (same device flow) in Inji Verify SDK.

INJIVER-1140

OpenID4VP Draft 23- Implement DID based client id scheme.

INJIVER-1213

OpenID4VP: Authorisation Request via request_uri for did based client id.

INJIVER-1235

Removal of wallet selection panel in OpenID4VP Same device flow (mobile).

INJIVER-1100

Display VC result of all credentials originally requested after missing credentials have been shared from mobile wallet successfully.

Bug Fixes

Below is the list of fixes as part of the 0.14.0 release:

Jira ID
Description

INJIVER-1278

Data share VC verification is failing.

INJIVER-1264

Timeout error occurs in /vp-request/{request_id}/status() for Same Device Flow on Android after successful VP submission.

INJIVER-1262

VP verification in Cross-Device Flow causes the iOS Inji Mobile app to crash.

INJIVER-1261

VP verification in Same-Device Flow causes the iOS Inji Mobile app to crash.

INJIVER-1230

SDK README on the NPM site is not updated.

INJIVER-1221

Same Device Flow is not fully developed.

INJIVER-1217

After scanning a QR code, clicking on 'Verify Another QR Code' sometimes causes the camera to freeze with a black screen.

INJIVER-1201

The Verifiable Credential Selection Panel is not set as the default option.

INJIVER-1198

UI Automation README is outdated and not aligned with recent changes.

INJIVER-1191

Add provision to send transactionID for VC submission from the Relying Party.

INJIVER-1186

The Verifiable Credential Panel contains duplicate element IDs.

INJIVER-1181

NPM warning prevents Sonar analysis from being triggered.

INJIVER-1163

Security testing identified a camera access issue in Inji Verify.

INJIVER-1139

Overlapping text appears at the bottom of the screen during the ‘Initiate VP Request’ process.

INJIVER-1090

Unable to verify two scenarios in the OVP flow.

INJIVER-1067

Language selection is not applied consistently across the entire screen.

INJIVER-939

Button label and layout are misaligned.

Documentation

Last updated

Was this helpful?