SD-JWT .NET Documentation

SD-JWT .NET Logo

A production-ready .NET ecosystem for Selective Disclosure JSON Web Tokens and the complete OpenID for Verifiable Credentials stack. 16 packages. 1,400+ tests. RFC 9901, OpenID4VC, ISO 18013-5, eIDAS 2.0.

Who This Is For

You Are	Start Here	Goal
Decision Maker evaluating adoption	Capability Matrix	Understand ecosystem coverage and roadmap
Architect designing a credential system	Ecosystem Architecture	Design issuer, verifier, wallet, and trust infrastructure
Developer building an integration	15-Minute Quickstart	Issue, present, and verify your first SD-JWT
Security Engineer reviewing the stack	HAIP Compliance	Validate cryptographic and policy controls
Operations preparing for production	Deployment Patterns	Plan infrastructure and key management

Why SD-JWT .NET

Pillar	What It Means
Standards Complete	RFC 9901, OpenID4VCI/VP 1.0, DIF PEX v2.1.1, OpenID Federation 1.0, HAIP 1.0, ISO 18013-5
Enterprise Security	HAIP Levels 1-3, algorithm enforcement, constant-time operations, replay prevention, zero-trust
Production Ready	1,400+ tests, zero warnings, multi-framework (.NET 8/9/10, netstandard2.1), NuGet publishing
Full Credential Lifecycle	Issuance, presentation, revocation, trust resolution, status checking, wallet storage

Learning Path

flowchart LR
    QS[Quickstart<br/>15 min] --> Tutorials[Tutorials<br/>3 weeks]
    Tutorials --> Guides[How-To Guides<br/>Task-oriented]
    Guides --> Concepts[Deep Dives<br/>Architecture]
    Concepts --> UseCases[Use Cases<br/>Industry]

Week 1: Fundamentals

15-Minute Quickstart - Build Issuer + Wallet + Verifier
Running the Samples - Explore the interactive CLI
SD-JWT Deep Dive - How selective disclosure works

Week 2: Standards & Protocols

Beginner → Advanced Tutorials - 19 hands-on tutorials
Ecosystem Architecture - Package map and deployment patterns
OpenID4VCI + OpenID4VP - Issuance and presentation protocols

Week 3: Production

HAIP Compliance - Security levels and policy enforcement
How-To Guides - Task-oriented implementation guides
Use Cases - Industry scenarios with working examples

Documentation Map

Section	Purpose	Start With
`getting-started/`	First-run tutorials and environment setup	quickstart.md
`concepts/`	Architecture, design, and protocol deep dives	Concepts Index
`tutorials/`	Step-by-step tutorials (beginner → advanced)	Tutorials Index
`guides/`	Task-oriented implementation guides	Issuing Credentials
`use-cases/`	Industry use cases with reference architectures	Use Cases Index
`examples/`	End-to-end integration examples	Examples Index
`proposals/`	Design proposals for planned features	Listed below

Ecosystem Packages

Core

Package	Specification	Status
`SdJwt.Net`	RFC 9901 (SD-JWT)	Stable
`SdJwt.Net.Vc`	SD-JWT VC draft-15	Stable
`SdJwt.Net.StatusList`	Token Status List draft-18	Stable

Protocols

Package	Specification	Status
`SdJwt.Net.Oid4Vci`	OpenID4VCI 1.0 Final	Stable
`SdJwt.Net.Oid4Vp`	OpenID4VP 1.0 + DC API	Stable
`SdJwt.Net.PresentationExchange`	DIF PEX v2.1.1	Stable
`SdJwt.Net.OidFederation`	OpenID Federation 1.0	Stable

Compliance & Formats

Package	Specification	Status
`SdJwt.Net.HAIP`	HAIP 1.0	Stable
`SdJwt.Net.Mdoc`	ISO 18013-5 mDL	Stable
`SdJwt.Net.Wallet`	Generic Wallet (plugin)	Stable
`SdJwt.Net.Eudiw`	eIDAS 2.0 EU Wallet ARF	Stable

Agent Trust

Package	Purpose	Status
`SdJwt.Net.AgentTrust.Core`	Capability token mint/verify	Preview
`SdJwt.Net.AgentTrust.Policy`	Rule-based policy engine	Preview
`SdJwt.Net.AgentTrust.AspNetCore`	Inbound verification middleware	Preview
`SdJwt.Net.AgentTrust.Maf`	MAF/MCP outbound propagation	Preview

Enterprise Planning

Capability Matrix - Full feature assessment
Enterprise Roadmap - Strategic phases and timeline
Proposals - Design proposals for planned features

Source Repository

This documentation is part of the SD-JWT .NET open source project, maintained under the OpenWallet Foundation Labs umbrella.

GitHub: openwallet-foundation-labs/sd-jwt-dotnet
Issues: GitHub Issues
Discussions: GitHub Discussions
NuGet: SdJwt.Net