Wallet Invocation
To provide a seamless user experience, the Lissi Wallet supports invocation via custom URI schemes and HTTPS deep links (App Links/Universal Links) to automatically open the Lissi Wallet app and initiate either a credential issuance or a presentation flow on the user's device.
If you are configuring the wallet invocation for Lissi Wallet Pro, please also refer to Lissi Wallet Pro: Getting Started | Lissi-Wallet-Pro-Invocation
Issuance Invocation (OpenID4VCI)
When an issuer wants to offer a credential to a user, they generate a credential offer URI. The Lissi Wallet can be invoked using the following schemes to process these OpenID4VCI offers:
Scheme | Pupose |
|---|---|
| The baseline custom scheme defined in the standard OpenID4VCI specification. It provides maximum interoperability across different wallet providers. |
| Used specifically for high-assurance flows adhering to the High Assurance Interoperability Profile (HAIP). |
| This is our claimed HTTPS scheme for issuances (Universal Link for iOS / App Link for Android). It guarantees that only the Lissi Wallet handles the request. If the user does not have the wallet installed, it provides a fallback to a web page for download instructions. |
Usage Example: An issuer passes the offer by reference by appending the credential_offer_uri to the chosen scheme:
https://oob.lissi.io/vci?credential_offer_uri=https%3A%2F%2Fissuer.example.com%2Foffers%2F12345
We highly recommend using the domain-based wallet invocation, as it provides enhanced security when interacting with the Lissi Wallet.
Presentation Invocation (OpenID4VP)
When a Relying Party (Verifier) requests a credential presentation, they generate an authorization request. The Lissi Wallet can be invoked to handle these OpenID4VP requests using the following schemes:
Scheme | Pupose |
|---|---|
| The standard custom scheme defined in the OpenID4VP specification. |
| A specialized scheme aligned with the European Digital Identity (EUDI) Wallet ecosystem requirements. |
| Used for HAIP-compliant presentation requests, ensuring strict adherence to high-assurance security profiles. |
| This is our claimed HTTPS scheme for presentations (Universal Link for iOS / App Link for Android). It guarantees that only the Lissi Wallet handles the request. If the user does not have the wallet installed, it provides a fallback to a web page for download instructions. |
Usage Example: A verifier passes the presentation request by appending the client_id and request_uri to the scheme:
https://oob.lissi.io/vp?client_id=verifier.example.com&request_uri=https%3A%2F%2Fverifier.example.com%2Frequests%2F67890
Invocation Methods
Depending on the user journey, the invocation URIs mentioned above can be delivered to the Lissi Wallet in two primary ways:
Same-Device Invocation
If the user is accessing the Relying Party website directly on their mobile device, you can invoke the wallet by triggering the URL as a standard link or redirect.
You can invoke the wallet on a device where the Lissi Wallet is installed by launching the following URL:
https://oob.lissi.io/vci?credential_offer_uri=https%3A%2F%2Fsimple.demo.connector.lissi.io%2Fopenid4vci%2Fcredential_offer%2Fe3d51475-1742-4ded-9408-c8817192b64b
Cross-Device Invocation (Scanning a QR Code)
If the user is using a secondary screen (like a desktop monitor) to interact with the Relying Party, you can transform the URL above and encode it into a QR code.
This QR code can be scanned directly using the built-in camera scanner within the Lissi Wallet app. It can also be scanned using the native camera apps on Android or iOS, which will automatically route the user to the wallet via the registered deep link schemes.
Please note: The QR code to the right is for illustrative purposes only.
