❗ Important! Before you proceed, you should be aware of OpenID4VCI, OpenID4VP & W3C VC. Please read the following standards before proceeding:
- Overview
- Architecture
- Modularity & Extensibility
- Folder Structure
- Deployment
- Local Setup
- Configuration
- Running Tests
- Databases
- Upcoming Features
- Documentation
- Contribution & Community
Inji Web is an open-source, standards-compliant web-based wallet that allows users to securely download, manage, and share Verifiable Credentials (VCs). It provides an inclusive, easy-to-use platform for individuals to access services and benefits, even without a smartphone.
As a reference implementation, Inji Web is designed for adoption by ecosystem partners, countries, system integrators, and governments—built collaboratively with the community.
Inji Web adheres to global interoperability standards, including:
- OpenID4VCI: For secure, standardized credential issuance.
- OpenID4VP: For sharing credentials with verifiers.
- W3C VC: Support for JSON-LD (1.1) and VC Data Model 2.0.
- IETF SD-JWT: Support for selective disclosure.
- Claim-169: Optimized QR code representation.
- OVP Flow Support: The Verifiable Presentation (OVP) flow is currently limited to LDP-VC (JSON-LD) format. Support for SD-JWT VC presentation is currently in the pipeline and not yet available.
- Passcode Management: The option to change a passcode after the initial login is currently unavailable.
Inji Web utilizes a Backend-for-Frontend (BFF) architecture pattern centered around Mimoto. This design decouples the complex logic of credential orchestration from the user interface, ensuring a lightweight and secure frontend experience.
- Inji Web (Frontend): A React-based portal that provides the user interface for credential workflows. It handles "Guest" and "Logged-in" flows via OIDC.
- Mimoto (BFF): Acts as the central brain. It handles session management, communicates with Inji Certify for issuance, and interfaces with Inji Verify for validation.
- Credential Storage: Utilizes PostgreSQL for persistent storage of credentials for logged-in users and Datashare for guest sessions or public credential sharing scenarios.
- Security Layer: Integrated with eSignet for identity provider (IdP) services and supports Google OAuth 2.0 for social login.
For a detailed view of Inji web architecture and components, refer to the Inji Web Architecture Documentation.
Inji Web is designed to be highly modular and extensible, allowing it to fit into various digital identity ecosystems beyond just MOSIP.
- SDK-First Approach: Many components, such as the VC Renderer, are built as reusable modules that can be embedded into other web applications.
- Interoperable Design: By strictly adhering to OpenID4VC protocols, Inji Web can be extended to work with any compliant Issuer or Verifier.
- Customization: Supports UI/UX extensibility through Tailwind CSS and localized property files, enabling organizations to rebrand the wallet and adapt it to local requirements easily.
helm: Contains Helm charts required for deployment on a Kubernetes (K8S) cluster.inji-web: Contains the React source code, test suites, and the Dockerfile for building the frontend image.docker-compose: Contains configurations, environment files, and service definitions for local full-stack execution.
Inji Web supports two modes of deployment to cater to different users with different purposes:
-
Local Development Setup
- Intended for experimentation and user experience. Local Setup can be carried out in two ways:
- Local Setup without Docker Compose
- Recommended for developers or community contributors who want to perform debugging or gain a deeper understanding of the Inji Web codebase.
- Refer to this guide to try this mode of setup.
- Local Setup with Docker Compose
- Recommended for users who want to experience the product from a technical/backend perspective.
- Refer to this guide to try this mode of setup.
- Local Setup without Docker Compose
- This is for developers, community members, and country representatives to explore the application, demonstrate its usage to external stakeholders, or conduct proof-of-concepts (POCs).
- Intended for experimentation and user experience. Local Setup can be carried out in two ways:
-
Deployment with Kubernetes cluster
- Designed for production environments.
- Enables organizations to host and utilize the product at scale.
- Refer to the Deployment Guide to learn more about this mode of deployment.
To run Inji Web, you must have Node 18 installed.
# Install nvm (if not already installed)
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
# Install Node 18
nvm install 18Recommended for frontend developers working on UI changes or deep codebase exploration.
# Navigate to the frontend directory
cd ./inji-web
# Install dependencies
npm install
# Start the application
npm startThe application will be accessible at: http://localhost:3004.
To build and run the Inji Web frontend as a standalone container, navigate to the project's root directory and execute the following:
# Navigate to the frontend directory
cd ./inji-web
# Build the docker image
docker build -t <dockerImageName>:<tag> .
# Run the docker image (add environment variables as needed)
docker run -e DEFAULT_LANG=en -it -p 3004:3004 <dockerImageName>:<tag>This is the recommended method to run Inji Web together with Mimoto, Redis, and Postgres to experience the full technical stack. Navigate to the project's root directory and run:
-
Start Services:
cd ./docker-compose docker-compose up -
Stop Services:
cd ./docker-compose docker-compose down
Accessing the Application: Once the Docker Compose services are healthy, the application can be accessed at: http://localhost:3004
Inji Web connects to the Mimoto service. Configuration details, such as URLs to connect with this service and other environment-specific settings (e.g., IGNORED_ISSUER_IDS, DEFAULT_LANG) are updated in the env.config.js file.
To update configurations on a Linux environment:
- Open the file:
nano ./inji-web/public/env.config.js - Update the
MIMOTO_URLto point to your running Mimoto service. - Save and Exit: press
ctrl + o, thenyto save the changes, followed byctrl + xto exit.
Inji Web uses snapshot testing for layout consistency and Jest for unit testing.
- Run all tests:
npm test - Update Snapshots:
npm test -- -u - Check Coverage:
npm test -- --coverage
Inji Web itself is stateless; however, the Mimoto (BFF) it connects to requires a PostgreSQL database.
- Persistent Storage: Stores credentials for logged-in users.
- Session Store: Mimoto utilizes Redis for managing active sessions and volatile state.
Refer to the Postgres Configuration Guide for Mimoto to set up the database.
In the upcoming releases, the following features are planned:
- Selective Disclosure (SD-JWT): Ability to share specific attributes from a credential.
- Revocation Status: Real-time checking of VC validity.
- mDoc/mDL Support: Compatibility with mobile driving license standards.
- Backup & Restore: Enhanced persistent storage options for credentials.
-
API Documentation: API endpoints, base URL (
/v1/mimoto), and mock server details are available via Stoplight: Mimoto API Documentation. -
Product Documentation:
- To know more about Inji Web from a functional perspective, refer to the Overview | Inji Web.
- Inji Web is a part of the Inji Stack; for full details, visit Inji Docs.
We welcome contributions from everyone!
- Refer to the Code Contribution Guide to learn how you can contribute code to this application.
- If you have any questions or run into issues while trying out the application, feel free to post them in the MOSIP Community — we’ll be happy to help you out.