SdJwt.Net.OidFederation 1.0.2

.NET 8.0 .NET Standard 2.1

dotnet add package SdJwt.Net.OidFederation --version 1.0.2

NuGet\Install-Package SdJwt.Net.OidFederation -Version 1.0.2

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="SdJwt.Net.OidFederation" Version="1.0.2" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

<PackageVersion Include="SdJwt.Net.OidFederation" Version="1.0.2" />
                    

                            Directory.Packages.props

<PackageReference Include="SdJwt.Net.OidFederation" />
                    

                            Project file

For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.

paket add SdJwt.Net.OidFederation --version 1.0.2

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: SdJwt.Net.OidFederation, 1.0.2"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

#:package SdJwt.Net.OidFederation@1.0.2

#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.

#addin nuget:?package=SdJwt.Net.OidFederation&version=1.0.2
                    

                            Install as a Cake Addin

#tool nuget:?package=SdJwt.Net.OidFederation&version=1.0.2
                    

                            Install as a Cake Tool

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

SdJwt.Net.OidFederation - OpenID Federation

Implementation of OpenID Federation 1.0 for trust management and entity federation. The package provides trust chain resolution, entity configuration validation, metadata policy processing, and trust mark handling.

Features

OpenID Federation 1.0: Core model and validation support
Trust Chain Resolution: Resolve chains from entity to configured trust anchors
Metadata Policy Processing: Apply policy operators across the chain
Trust Marks and Constraints: Evaluate trust marks and path constraints
HTTP + Cache Controls: Resolver options for timeout, max size, and cache behavior

Installation

dotnet add package SdJwt.Net.OidFederation

Quick Start

Entity Configuration Model

using SdJwt.Net.OidFederation.Models;
using Microsoft.IdentityModel.Tokens;

var entityConfiguration = EntityConfiguration.Create(
    entityUrl: "https://issuer.example.com",
    jwkSet: new
    {
        keys = new[] { JsonWebKeyConverter.ConvertFromSecurityKey(entityPublicKey) }
    },
    validityHours: 24);

entityConfiguration.AuthorityHints = new[] { "https://trust-anchor.example.com" };
entityConfiguration.Metadata = new EntityMetadata
{
    OpenIdCredentialIssuer = new
    {
        credential_issuer = "https://issuer.example.com",
        credential_endpoint = "https://issuer.example.com/credentials"
    }
};

entityConfiguration.Validate();

Trust Chain Resolution

using SdJwt.Net.OidFederation.Logic;
using Microsoft.IdentityModel.Tokens;

var trustAnchors = new Dictionary<string, SecurityKey>
{
    ["https://trust-anchor.example.com"] = trustAnchorPublicKey
};

var resolver = new TrustChainResolver(httpClient, trustAnchors);
var trustChain = await resolver.ResolveAsync("https://leaf-entity.example.com");

if (trustChain.IsValid)
{
    var validatedMetadata = trustChain.ValidatedMetadata;
    var chainEntities = trustChain.GetTrustChainEntities();
}
else
{
    Console.WriteLine($"Trust resolution failed: {trustChain.ErrorMessage}");
}

Enforce Trust Requirements

var requirements = TrustChainRequirements.ForProtocol(
    protocol: "openid_credential_issuer",
    maxPathLength: 5);

requirements.AllowedTrustAnchors = new[] { "https://trust-anchor.example.com" };
requirements.RequiredTrustMarks = new[] { "https://trust.example.com/marks/regulated-issuer" };

if (!trustChain.SatisfiesRequirements(requirements))
{
    throw new InvalidOperationException("Issuer does not satisfy federation requirements.");
}

Federation Scenarios

University Trust Chains: Academic institution verification across regions
Government Entity Trust: Cross-agency trust establishment
Healthcare Networks: Medical provider trust verification
Corporate Federation: Enterprise identity federation management

Documentation

For complete end-to-end integration, see:

License

Licensed under the Apache License 2.0.

Product	Compatible and additional computed target framework versions.
.NET	net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed.
.NET Core	netcoreapp3.0 was computed. netcoreapp3.1 was computed.
.NET Standard	netstandard2.1 is compatible.
MonoAndroid	monoandroid was computed.
MonoMac	monomac was computed.
MonoTouch	monotouch was computed.
Tizen	tizen60 was computed.
Xamarin.iOS	xamarinios was computed.
Xamarin.Mac	xamarinmac was computed.
Xamarin.TVOS	xamarintvos was computed.
Xamarin.WatchOS	xamarinwatchos was computed.

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

.NETStandard 2.1
- Microsoft.Extensions.Http (>= 8.0.1)
- Microsoft.Extensions.Logging.Abstractions (>= 9.0.6)
- Microsoft.IdentityModel.Tokens (>= 8.12.1)
- SdJwt.Net (>= 1.0.2)
- System.IdentityModel.Tokens.Jwt (>= 8.12.1)
- System.Text.Json (>= 8.0.5)
net10.0
- Microsoft.Extensions.Http (>= 8.0.1)
- Microsoft.Extensions.Logging.Abstractions (>= 9.0.6)
- Microsoft.IdentityModel.Tokens (>= 8.12.1)
- SdJwt.Net (>= 1.0.2)
- System.IdentityModel.Tokens.Jwt (>= 8.12.1)
net8.0
- Microsoft.Extensions.Http (>= 8.0.1)
- Microsoft.Extensions.Logging.Abstractions (>= 9.0.6)
- Microsoft.IdentityModel.Tokens (>= 8.12.1)
- SdJwt.Net (>= 1.0.2)
- System.IdentityModel.Tokens.Jwt (>= 8.12.1)
net9.0
- Microsoft.Extensions.Http (>= 8.0.1)
- Microsoft.Extensions.Logging.Abstractions (>= 9.0.6)
- Microsoft.IdentityModel.Tokens (>= 8.12.1)
- SdJwt.Net (>= 1.0.2)
- System.IdentityModel.Tokens.Jwt (>= 8.12.1)

NuGet packages (1)

Showing the top 1 NuGet packages that depend on SdJwt.Net.OidFederation:

Package	Downloads
SdJwt.Net.HAIP Implementation of OpenID4VC High Assurance Interoperability Profile (HAIP) for the SD-JWT .NET ecosystem. Provides policy-based compliance validation and enforcement for government and enterprise use cases. Ready for .NET 10.	233

GitHub repositories

This package is not used by any popular GitHub repositories.

Version	Downloads	Last Updated
1.0.2	0	3/13/2026
1.0.1	180	3/1/2026
1.0.0	122	2/28/2026

Version 1.0.0: Complete OpenID Federation 1.0 implementation
with trust chain validation, entity configuration management, recursive
validation, and comprehensive security features. Ready for .NET 10.