Create Enterprise Wallet
General
The Enterprise Wallet is the central wallet for a company. It maintains all business-related credentials. In addition, it performs the exchange of credentials and presentations. It contains the following:
- Credentials
- Enterprise Credentials: Legal entity credential of the company and of Legal and Natural Persons related to the company. These credentials are issued by the Bundesanzeiger.
- Power of Attorney Credentials: Chained credentials issued by a Natural Person to delegate authority. The chain of these credentials always needs to lead to the Enterprise Credential which defines the authority and forms the trust anchor for the delegation of authority.
- DIDs
- A DID is created and assigned to each user of the Enterprise Wallet. Using this DID the user becomes a Natural Person with specific authority (e.g. functionary or employee with power of attorney).
- Cryptographic material is assigned to each DID. The corresponding Key Pairs are stored in the key management system of the Enterprise Wallet.
The Enterprise Wallet is the central module for managing business-related credentials such as the EU Company Certificate. It enables enterprises to receive, store, present and issue credentials. The Enterprise DID represents the enterprise entity and enables its authentication and authorization toward business partners by presenting enterprise-specific credentials. In turn, the wallet can be used to authenticate and authorize business partners by verifying their credentials. In addition, Enterprise DIDs enable process automation by eliminating the need for human interaction.
Some use cases require the identification of one or more responsible parties. In this case, employees or agents use the Natural Person DID to approve transactions. Authorization is proven by presenting credentials issued using the Enterprise DID or an external issuer such as the Bundesanzeiger.
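The chain rule for Power of Attorney Credentials described above, as an added Python example that is not part of the Enterprise Wallet's own code: it walks from a holder's DID back to an Enterprise Credential and rejects loops, overlong chains and chains that end at an untrusted issuer. The record fields, the DIDs and the depth limit are assumptions, and each credential's signature is assumed to have been verified before this check.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Credential:
    # Assumed minimal record; the page does not define a credential data model.
    kind: str     # "enterprise" or "power_of_attorney"
    issuer: str   # DID that issued the credential
    subject: str  # DID the credential was issued to

TRUSTED_ISSUER = "did:example:bundesanzeiger"  # constructed placeholder DID
MAX_DEPTH = 8                                  # assumed limit on delegation depth

def resolve_chain(holder, credentials, _seen=frozenset()):
    """Return the credentials linking holder to an Enterprise Credential, or None."""
    if holder in _seen or len(_seen) >= MAX_DEPTH:
        return None  # delegation loop or chain too long
    held = [c for c in credentials if c.subject == holder]
    # Trust anchor: an Enterprise Credential from the trusted issuer ends the chain.
    for cred in held:
        if cred.kind == "enterprise" and cred.issuer == TRUSTED_ISSUER:
            return [cred]
    # Otherwise follow each Power of Attorney to the person who issued it.
    for cred in held:
        if cred.kind == "power_of_attorney":
            rest = resolve_chain(cred.issuer, credentials, _seen | {holder})
            if rest is not None:
                return [cred] + rest
    return None

# Constructed sample data: director -> manager -> clerk, plus two invalid cases.
ENT = Credential("enterprise", TRUSTED_ISSUER, "did:example:director")
POA1 = Credential("power_of_attorney", "did:example:director", "did:example:manager")
POA2 = Credential("power_of_attorney", "did:example:manager", "did:example:clerk")
SELF_ISSUED = Credential("enterprise", "did:example:other", "did:example:other")
POA_BAD = Credential("power_of_attorney", "did:example:other", "did:example:guest")
LOOP_A = Credential("power_of_attorney", "did:example:b", "did:example:a")
LOOP_B = Credential("power_of_attorney", "did:example:a", "did:example:b")
WALLET = [ENT, POA1, POA2, SELF_ISSUED, POA_BAD, LOOP_A, LOOP_B]

if __name__ == "__main__":
    for did in ("did:example:clerk", "did:example:guest", "did:example:a"):
        chain = resolve_chain(did, WALLET)
        print(did, "->", [c.kind for c in chain] if chain else "no valid chain")
```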
Workflow
Steps
- The administrator creates the Enterprise Wallet. The Enterprise Wallet is set up as a separate system.
- A Key Pair is created for the enterprise
- A DID is created for the enterprise
- The administrator is informed about the successful creation of the wallet
- The administrator defines the authentication methods available for this enterprise (email login, OpenID Connect, LDAP, ...)
Result
- The wallet is installed and initialized
- An admin user is created and set up
- Employees and representatives may be added; refer to the Add User section