Paradym connector

Content Type: Module
Categories: Connectors

Overview

The Paradym connector allows you to easily and quickly connect with the Paradym API for issuing, verifying and other identity actions in Mendix.

 

With Paradym, you can set up digital identity infrastructure in minutes, so you can focus on integrating it into your application.

Documentation

Demo urlhttps://youtu.be/JwpKYsQ8iXA

Introduction

With Paradym, you can set up digital identity infrastructure in minutes, so you can focus on integrating it into your application. The Paradym connector allows you to easily and quickly connect with the Paradym API for issuing, verifying and other identity actions in Mendix.

This Paradym connector enables the usage of most of the Paradym API resources described in API documentation https://paradym.id/reference?full and is up to date with Changelog February 11, 2025

Development

The connector_paradym module requires at least Mendix version 9.24.18.

Maintenance

This module is maintained in this GitHub repository

Dependencies

Issues

Please report any issues with the Paradym connector on GitHub.

Documentation

This module supports Paradym API v1 which contains the following endpoints Supported API endpoints:

/v1
    /projects
        /members
            /add
            /remove
        /webhooks
        /profiles/default
        /templates
            /credentials
                /sd-jwt-vc
                    /json-schema
                    /unarchive
                /anoncreds
                    /json-schema
                    /unarchive
            /presentations
        /dids
        /trusted-entities
        /issuance
            /sd-jwt-vc
        /revocation/batch
        /openid4vc
            /issuance
                /offer
            /verification
                /request
        /didcomm
            /invitations
                /receive
                /create-connection
            /connections
            /issuance
                /offer
            /verification
                /request
            /mediators
                /connections
            /messaging
                /basic/send
                /custom/send

API and Dashboard: Use Paradym to issue and verify credentials (SD-JWT over OpenID4VC and DIDComm based)

Configuration

Please start with the Paradym documentation to get familiar with concepts of digital wallets, the workflows, actions and executions.

  1. Create an account with Paradym, obtain an API key
  2. Download connector_paradym from the Mendix Marketplace (or import it manually) into Studio Pro
  3. Connect the Administrator (module role) to a User role and add the Paradym Settings snippet on an overview accessible by the user setting up the Paradym connector
  4. Set Constants
  5. Add logic to create/edit/delete APISettings by using theA PISettingsHelper and open the APISettings_Edit (it's up to you to decide how to determine the _IDs)
  6. Add logic to create Projects (optional, can also be done via the Paradym dashboard)
  7. Run the application, sign in and go to the Paradym settings page
  8. Create APISettings, enter your API key and start syncing data from Paradym (at this point there won't be much data, but if you are connection with an existing API key you can retrieve existing projects, mediators, etc.)
  9. Start building with the components of connector_paradym

To further test and work with Paradym API actions it is recommended to use a gateway that can forward the webhook events to your local development machine (e.g. hookdeck, ngrok).

Security

This module tries to follow the principle of least privilege, in which a user is given the minimum levels of access needed.

  • Module roles: Administrator role for configuring the Paradym connector and debugging information. No other users should have access to logic or data from this module.
  • Encryption: always store sensitive and personal information encrypted (e.g. ApiKey, proof-presentations, messages).

References

  • Farmworker Wallet OS ecosystem. Although connector_paradym is not part of the Farmworker Wallet OS it is used in the reference projects to demonstrate how a Cloud Agent implementation with Mendix could be developed
  • Paradym default workflows. The Paradym documentation contains some example workflows, this repository contains the workflows definitions used as starting point for Entidad projects implementing Paradym (archived)

Releases

Version: 3.3.2
Framework Version: 9.24.18
Release Notes: - Add ?include=credentials.trustedIssuers to URL in GET Retrieve presentation template
Version: 3.3.1
Framework Version: 9.24.18
Release Notes: - Fix naming for #13 (renamed AnonCredsSchema to JSONSchemaApi) reused existing JSON documents and mapping
Version: 3.3.0
Framework Version: 9.24.18
Release Notes: [BREAKING CHANGES] - #14 Verify credentials via TrustedIssuers (TrustedEnitites), Issuers on PresentationTemplate.Credentials will be deprecated in March 2025. This is a breaking change, issuers can be migrated by creating a flow that retrieves existing issuers and calls the TrustedEntities API, then update (PUT) the PresentationTemplates with these new TrustedIssuers - Domain model clean up and Naming convention fixes. This might break references to NPE entities used for the Paradym APIs. To avoid broken references you can first make sure that in your Mendix project, in the Connector_Paradym all NPEs (except helper) follow the following conventions (rename if required): end with Api, e.g. CredentialApi and the attributes on these entities are lower `camelCase ` not `PascalCase`.
Version: 3.2.1
Framework Version: 9.24.18
Release Notes: Updated GET issuance session JSON mapping to include `didcommInvitationId` response attribute. This is important to associate with a Credential entity once it has been accepted by a connected party. Reference: https://paradym.id/reference#tag/didcomm-issuance/GET/v1/projects/{projectId}/didcomm/issuance/{didcommIssuanceId}
Version: 3.2.0
Framework Version: 9.24.18
Release Notes: Added "didcommConnectionId" attribute to VerificationRequest mappings. In the scenario where a Verifier wants to direct a verification request over an established DIDComm connection instead of using an OutOfBandInvitation, the verification request API post payload can map the "didcommConnectionId" parameter and skip "didcommInvitationId". Reference: https://paradym.id/reference#tag/didcomm-verification/POST/v1/projects/{projectId}/didcomm/verification/request
Version: 3.1.0
Framework Version: 9.24.18
Release Notes: - Add QR image URL https://paradym.id/changelog?page=1#QR%20image%20url - invitationQrUri for didcomm connection invitations - didcommInvitation.invitationQrUri for DIDComm issuance offers or DIDComm verification requests - offerQrUri for OpenID4VC issuance offers - authorizationRequestQrUri for OpenID4VC verificaton requests
Version: 3.0.0
Framework Version: 9.24.18
Release Notes: - **Workflow Execution support removed** - Clean up of code and unused items
Version: 2.6.0
Framework Version: 9.24.18
Release Notes: - Add support for custom wallet information on Project Profile
Version: 2.5.1
Framework Version: 9.24.18
Release Notes: - Fix issue with max length on Goal.Description (this was set to 200 but is now unlimited inline with the Paradym API)
Version: 2.5.0
Framework Version: 9.24.18
Release Notes: - Add Issuers in the synchronization and saving of Credentials associated to PresentationTemplates