v1.0.0-beta.13

1.0.0-beta.13 (2025-10-29)

Bug Fixes

• initialize database clients (#216) (243a89b)
• remove duplicate OID4VP authorization response validation (#231) (2e7763e)
• use hostname as display default in production profile (#228) (7061540)

Features

• add transaction code support to OID4VCI flow (#213) (7d84f08)
• expose basic HTTP API metrics (#212) (32bff21)
• migrate to OID4VP draft 28 (DCQL, vp_token) (#201) (46aa715)
• migrate to OpenID4VCI draft 15 (#217) (4a6ef0c)
• support MongoDB event store (#210) (f40c3cd)

BREAKING CHANGES

• • OpenID4VCI flow is updated to https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-15.html. This makes UniCore incompatible with Wallets that support older draft versions
• • New dcql_query replaces presentation_definition as the query structure in authorization requests (OID4VP draft 28).

• vp_token response structure has changed and is now an object where the key is the id value used for a Credential Query in the dcql_query and the value is an array of one or more Presentations that match the respective Credential Query.
• Added new validation functions to ensure vp_token corresponds to requested credentials.

v1.0.0-beta.12

1.0.0-beta.12 (2025-08-26)

Bug Fixes

• pin Debian version of rust base image (#214) (dd2b274)

v1.0.0-beta.11

1.0.0-beta.11 (2025-08-13)

Features

• add credentialStatus, serve Status List Token (#204) (e1906df)
• add support for multiple credential configurations (#193) (5832b33)
• change public display data during runtime (#199) (8512590)
• migrate to IOTA Rebased (#205) (c0ca611)

BREAKING CHANGES

• Schema updates to the Document aggregates now prevent UniCore from loading state from event stores created with previous versions. Since data migrations are not supported yet, a fresh database is required.
• When utilizing the JIT Credential flow, the /v0/offers endpoint now requires the credentialConfigurationIds field which should contain all the IDs of the Credential Configurations corresponding to the JIT Credential(s) to be issued.
• Schema updates to the Offer and ServerConfig aggregates now prevent UniCore from loading state from event stores created with previous versions. Since data migrations are not supported yet, a fresh database is required.

v1.0.0-beta.10

1.0.0-beta.10 (2025-06-10)

Features

• add public_url, rename url to application_url (#186) (4ea5618)
• add OpenID4VCI Notification Endpoint (#178) (4a1794e)
• introduce application profiles with sensible default configuration (#182) (549ccae)
• return PublicError for public Issuance endpoints (#190) (eba534e)

BREAKING CHANGES

• • Removed UNICORE__PORT and UNICORE__BASE_PATH environment variables. Their functionality is now covered by UNICORE__APPLICATION_URL, which can include port and base path components as needed for internal use.
    Note: Please review your deployment and configuration files to ensure compatibility with these changes.

v1.0.0-beta.9

1.0.0-beta.9 (2025-03-24)

Features

• add /version and /info metadata endpoints (#158) (2770ac2)
• add Domain Linkage for did:iota DID Method (#160) (5f55caa)
• add endpoints to list and retrieve DID Documents (#171) (3840147)
• add Problem Details for Issuance and Persistence HTTP API errors (#175) (96f25ac)
• remove ˋdid:iota:rmsˋ DID method (discontinued) (#168) (938c236)
• use credential_offer_uri by default during credential issuance (#166) (306912a)

BREAKING CHANGES

• Schema updates to the Document and Service aggregates now prevent UniCore from loading state from event stores created with previous versions. Since data migrations are not supported yet, a fresh database is required.
• The following environment variables have been deprecated:
  • UNICORE__DID_DOCUMENT_CACHE__ENABLED
  • UNICORE__DID_DOCUMENT_CACHE__TTL
  • UNICORE__DID_DOCUMENT_CACHE__INCLUDE
• The did:iota:rms DID Method has been deprecated
• The following environment variables have been deprecated:
  • UNICORE__SECRET_MANAGER__ISSUER_DID
  • UNICORE__SECRET_MANAGER__ISSUER_FRAGMENT

v1.0.0-beta.8

1.0.0-beta.8 (2024-12-13)

Bug Fixes

• change /request endpoint Content-Type to oauth-authz-req+jwt (#157) (8daca06)

Features

• implement liveness probe at /healthz (#152) (98045e9)
• require credential expiration date, use credential id in JWT (#150) (65c9653)
• upload holder credentials via HTTP API (#141) (8c8c246)

BREAKING CHANGES

• require expiresAt property when creating a credential via the HTTP API

The expiresAt field is now required when creating a credential on /v0/credentials. Accepted values are ISO 8601 timestamps (UTC) such as 2024-12-09T16:51:29Z or the value "never".

Migration guide

• supply expiresAt for each request to /v0/credentials

v1.0.0-beta.7

1.0.0-beta.7 (2024-12-10)

Bug Fixes

• persist Linked Verifiable Presentations for did:web (#149) (97b00ca)

Features

• add presentation_ids array to response from GET /v0/services and GET /v0/services/:service_id endpoints (#149) (97b00ca)

v1.0.0-beta.6

1.0.0-beta.6 (2024-12-03)

Features

• return collections as arrays, generic primary identifiers (#135) (e225131)

BREAKING CHANGES

• return collection as an array of objects instead of a map
• rename primary identifier

The response types for the following endpoints have been changed from a map of objects to an array of objects:

• /v0/holder/credentials
• /v0/holder/offers
• /v0/holder/presentations
• /v0/connections
• /v0/services
• /v0/credentials
• /v0/offers

Before

{
  {
    "credential_id": "bf766ebe-0a52-4531-ac24-88af1b854b55"
    ...
  }
}

After

[
  {
    "id": "bf766ebe-0a52-4531-ac24-88af1b854b55"
    ...
  }
]

Migration guide

• Parse responses as lists instead of objects
• Use the generic id property instead of having to search the response for the identifier

v1.0.0-beta.5

1.0.0-beta.5 (2024-11-29)

Features

• allow custom HTTP headers in event_publishers configuration (#140) (a019dea)
• track the status of offers and credentials (#133) (d55158e)

v1.0.0-beta.4

1.0.0-beta.4 (2024-11-28)

Features

• bootstrap Connection aggregate (#131) (0d3a10d)