Secure credential verification in 3 simple steps
Scytales Connector uses OpenID Connect and OAuth 2.0 standards to provide seamless, secure credential verification. Instead of passwords, users prove their identity using digital credentials from their secure wallets.
When a user tries to access your application, they click "Verify with Digital Wallet" instead of entering a password. Your application redirects them to Scytales Connector using standard OpenID Connect authorization flow.
https://connector.scytales.dev/authorize?
client_id=YOUR_CLIENT_ID&
redirect_uri=YOUR_CALLBACK_URL&
scope=openid+profile+scope:mdl&
response_type=code
The user's digital wallet (browser-based or mobile app) presents their credential. This could be a mobile driver's license (mDL), European Digital Identity (PID), or other verifiable credential. The wallet uses cryptographic proofs to verify authenticity without revealing unnecessary personal information (selective disclosure).
Scytales Connector validates the credential's cryptographic signature, checks the issuer's trustworthiness, verifies it hasn't been revoked, and confirms it meets your requirements. Once verified, an authorization code is issued.
Your application exchanges the authorization code for an ID token and access token. The ID token contains verified claims about the user (name, age verification, etc.). Your application now knows the user is authenticated with a verified credential.
POST /token
{
"code": "AUTH_CODE",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_SECRET"
}
→ Returns ID Token with verified claims
Built on industry standards
Standard authentication layer on top of OAuth 2.0. Widely adopted by Google, Microsoft, and thousands of applications worldwide.
Open standard for digital credentials. Enables cryptographic verification of claims without contacting the issuer.
International standard for mobile driver's licenses and identity credentials stored in digital wallets.
Get started with just 5 lines of code
const config = {
authority: 'https://connector.scytales.dev',
client_id: 'YOUR_CLIENT_ID',
redirect_uri: 'https://yourapp.com/callback',
scope: 'openid profile scope:mdl'
};
// Redirect to verification
await oidcClient.login(config);
That's it! User verification is now handled securely.
View Full DocumentationEnterprise-grade protection built-in
All credential data is encrypted in transit using TLS 1.3
We don't store personal credentials, only verification metadata
Users share only required attributes, not entire credentials
Cryptographic validation of credential issuers
Real-time verification that credentials haven't been revoked
Complete audit trail for compliance and debugging
Standard OpenID Connect means you can integrate using existing libraries in any programming language. Most developers are up and running in under 2 minutes.
Built on W3C and OpenID Foundation standards that are being adopted globally. Compatible with EU Digital Identity Wallet, ISO mDL, and emerging credential standards.
ISO 27001 certified infrastructure, GDPR compliant, SOC 2 audited, and backed by cryptographic verification. Your security requirements are our priority.
Start with 1,000 free verifications per month and scale to millions. Battle-tested infrastructure handles peak loads automatically with 99.9% uptime SLA.
Integrate secure credential verification in minutes