Enable issuance flow for multiple wallet providers

[evegufy]

Overview

Explain the topic in 2 sentences

Operating companies should be able to choose between multiple wallet solutions when onboarding customers to the network. The issuance / onbarding flow in the portal should be enabled accordingly.

The solution is similar to the state of implementation with the Catena-X Jupiter release but the operating company has the option to choose between multiple wallet providers.

What's the benefit?

In the current implementation state the operating company is technically restricted to one wallet provider which is leading to a potential vendor lock-in situation.

Enabling the option to choose between multiple wallet solutions in the issuance flow would mitigate that risk.

What are the Risks/Dependencies ?

Dependencies to the identity-hub and credential-issuer need to be clarified.

Detailed explanation

Current implementation

sequenceDiagram
    Operating Company->>Operating Company: Validate registration manually
    Operating Company->>BPDM: Request Business Partner Number
    BPDM->>Operating Company: Send Business Partner Number
    Operating Company->>Company Wallet: Request Wallet and DID Creation
    Company Wallet->>Operating Company: Send Wallet information and DID Document
    Operating Company->>BDRS: Add BPN-DID Mapping
    Operating Company->>Credential Issuer: Request BPN Credential
    Credential Issuer->>Credential Issuer: Create Credential
    Credential Issuer->>Operating Company Wallet: Request Verified Credential
    Operating Company Wallet->>Credential Issuer: Send operationId
    Credential Issuer->>Operating Company Wallet: Get Verified Credential
    Operating Company Wallet->>Credential Issuer: Send Verified Credential
    Credential Issuer->>Company Wallet: Add Verified Credential
    Credential Issuer->>Operating Company: Confirm Credential Creation
    Operating Company->>Credential Issuer: Request Membership Credential
    Credential Issuer->>Credential Issuer: Create Credential
    Credential Issuer->>Operating Company Wallet: Request Verified Credential
    Operating Company Wallet->>Credential Issuer: Send operationId
    Credential Issuer->>Operating Company Wallet: Get Verified Credential
    Operating Company Wallet->>Credential Issuer: Send Verified Credential
    Credential Issuer->>Company Wallet: Add Verified Credential
    Operating Company->>Clearinghouse: Request Check & Verified Credential
    Clearinghouse->>Operating Company: Confirm check
    Operating Company->>SD Factory: Request Self Description creation for Legal Person
    SD Factory->>Clearinghouse: Request Self Description creation for Legal Person
    Clearinghouse->>Operating Company: Send signed Self Description for Legal Person
    Company->>Company: Store the Legal Person Credential in the Portal DB
    Operating Company->>Company: Approve company application request

Loading

Proposed improvements

sequenceDiagram
    Operating Company->>Company: Invite "To be onboarded company" by sending an email invitation
    Company->>Company: Click on the link in the invitation e-mail to access the registration form
    Company->>Company: Login to the registration form
    Company->>Company: Insert company data: address, commercial register number, etc.
    Company->>Company: Select company role inside the CX Network
    Company->>Company: Agree to Terms & Conditions/ Frame Contract
    Company->>Company: Upload commercial register extract
    Company->>Company: Select Digital Identity integration solution <<NEW>>
    Company->>Company: Validate data
    Company->>Operating Company: Submit company application
    Operating Company->>Operating Company: Validate registration manually
    Operating Company->>BPDM: Request Business Partner Number
    BPDM->>Operating Company: Send Business Partner Number

Loading

graph TD
    A[Operating Company] --> B{Check if Wallet Address and DID were entered during registration}
    B -->|Yes| C[Continue with 'Add BPN-DID Mapping' due to solution 2]
    B -->|No| D[Continue with 'Request Wallet and DID Creation' due to solution 1]

Loading

sequenceDiagram
    Operating Company->>Company Wallet: Request Wallet and DID Creation <<NEW>> SKIPPED for solution 2
    Company Wallet->>Operating Company: Send Wallet information and DID Document <<NEW>> SKIPPED for solution 2
    Operating Company->>BDRS: Add BPN-DID Mapping
    Operating Company->>Clearinghouse: Request Check & Verified Credential
    Clearinghouse->>Operating Company: Confirm check
    Operating Company->>SD Factory: Request Self Description creation for Legal Person
    SD Factory->>Clearinghouse: Request Self Description creation for Legal Person
    Clearinghouse->>Operating Company: Send Self Description for Legal Person
    Operating Company->>Company: Approve company application request
    Company->>Company: Receive welcome-email
    Company->>Company: Login to the CX Portal
    Company->>Company: Setup and change Digital Identity integration <<NEW>>
    Company->>Company: Register connector
    Company->>Company: Manage company inside the dataspace: invite company users, configure your company needs, explore the marketplaces, etc.

Loading

Feature Team

Contributor

• Contributor 1
• Contributor 2

Committer

• @evegufy
• @Phil91

User Stories

• Issue 1, linked to specific repository
• Issue 2, linked to another specific repository

Acceptance Criteria

• Criteria 1
• Criteria 2
• Criteria 3

Test Cases

Test Case 1

Steps

1. Do something
2. Click something
3. Add something

Expected Result

1. Expectation
2. Expectation
3. Expectation

Architectural Relevance

The following items are ensured (answer: yes) after this issue is implemented.

In the context of the standards 126 and 127, typically only one is applicable, depending on the specific use case. Please cross out one of the two standards that does not apply.

• This feature aligns with our current architectural guidelines
  • Data Sovereignty: All data sharing activities across company boundaries follow the Catena-X Regulatory Framework, in particular the Data Exchange Governance, and the Dataspace Protocol via a compliant Connector (like the tractusx-edc or similar, see Connector KIT)
    • CX-0010 Business Partner Number
    • CX-0013 Identity of Member Companies
    • CX-0018 Data Space Connectivity (EDC)
    • CX-0049 DID Document Schema
    • CX-0050 Framework Agreement Credential
    • CX-0149 Verified Company Identity
  • Interoperability: Digital Twins are used (compliant to the Digital Twin KIT and the Industry Core KIT)
    • CX-0001 EDC Discovery API
    • CX-0002 Digital Twins in Catena-X
    • CX-0018 Data Space Connectivity (EDC)
    • CX-0126 Industry Core: Part Type 2.0.0
    • CX-0127 Industry Core: Part Instance 2.0.0
  • Data Format:
    • The data model is based on a published Semantic Model
• The impact on the overall system architecture has been assessed. The Feature does not require changes to the architecture or any existing standard? Please have a look here on the overarching architecture
• Potential risks or conflicts with existing architecture has been assessed

Justification: (Fill this out, if at least one of the checkboxes above cannot be ticked. Contact the Architecture Management Committee to get an approval for the justification)

Additional information

• I am aware that my request may not be developed if no developer can be found for it. I'll try to contribute a developer (bring your own developer)

relates to

• Implementation of DCP Issuance Flow for Credential Issuer Service #1160
• SSI: Prepare IdentityHub Development Environment #1156

[hkny]

@evegufy do we want to split this issue into Onboarding and Issuance? TBD at 10:15

[marcelruland]

This issue seems to cover both initial onboarding (business and member management related aspects, executed by portal backend) and infrastructure setup. Should we split them?