Introduction

The Identity Hub is performing three distinct functions:

• Permissioned, object storage API - see the Explainer.
• Management of the lifecycle of the user’s Agents - see Identity Hub Attestation Flows and Components.

• DID-based authentication (DID Auth) - see Hub Authentication, did-auth-jose.

  • Similar to OIDC (OpenID Connect), but with Authenticated Encryption and DID resolution to fetch the keys in order to verify the client’s signature on the request.
  • An access token is issued to the client if successfully authenticated.

TODO