Integration & APIs

proConsul serves as the integration hub for your digital trust ecosystem, connecting identity providers, credential issuers, PKI infrastructure, and external systems through standards-based APIs and protocols.

Integration Architecture

Designed to support diverse integration patterns from real-time APIs to event-driven architectures

Gateway to Services

proConsul API gateway architecture showing how external requests flow through authentication, routing, and orchestration layers to backend services

Services to Data Stores

Service layer integration with data stores, showing how orchestration services coordinate with credential repositories, policy engines, and audit logs

Integration Types

proConsul supports multiple integration patterns to accommodate diverse system requirements

Identity Provider Integration

Connect to national identity systems, population registries, enterprise directories, and external authentication providers. Support for OpenID Connect, SAML 2.0, OAuth 2.0, and LDAP protocols. Designed for OpenID Federation scenarios enabling trust federation across organizational boundaries.

  • National eID systems and population registries
  • Enterprise Active Directory and LDAP
  • Social identity providers
  • Multi-factor authentication systems
  • Biometric authentication platforms

Credential Issuer & Verifier Integration

Integrate with systems that issue and verify digital credentials including government agencies, educational institutions, professional bodies, and enterprises. Support for W3C Verifiable Credentials, ISO/IEC 18013-5 mobile driving licenses, and X.509 certificate-based credentials.

  • Government credential issuers (passports, IDs, licenses)
  • Educational credential systems
  • Professional certification bodies
  • Healthcare credentialing systems
  • Relying party verification services

TrustVault & PKI Integration

Deep integration with TrustVault for all cryptographic operations and PKI services. HSM-backed key generation, certificate issuance, digital signing, and validation. Support for hierarchical PKI structures, certificate policies, and revocation mechanisms.

  • TrustVault PKI services
  • Hardware Security Modules (HSMs)
  • Certificate Authority operations
  • Key management systems
  • Cryptographic service providers

Wallet Integration

Integration with idGuard consumer wallets and EUDI-compliant wallet applications. Credential delivery, update notifications, and revocation signaling. Designed to support the EUDI Wallet ecosystem with compliance for ARF specifications.

  • idGuard consumer wallet platform
  • EUDI Wallet implementations
  • Enterprise mobile wallet applications
  • Credential presentation protocols
  • Wallet attestation services

Monitoring & SIEM Integration

Export logs, metrics, and security events to enterprise monitoring systems, SIEM platforms, and security operations centers. Real-time alerting, anomaly detection, and incident response coordination.

  • SIEM platforms (Splunk, ELK, QRadar)
  • Monitoring systems (Prometheus, Grafana)
  • Security operations center tools
  • Log aggregation services
  • Alerting and notification systems

External Data Sources

Integration with external data sources for attribute verification, fraud detection, and threat intelligence. Support for real-time API queries and batch data synchronization.

  • Document verification services
  • Fraud intelligence networks
  • Sanctions and watchlist screening
  • Credit bureau and KYC data providers
  • Threat intelligence feeds

OpenID Federation Support

Designed to support OpenID Federation for establishing trust across organizational and national boundaries

OpenID Federation Architecture

OpenID Federation architecture showing trust anchor relationships, entity statements, and federated authentication flows

🔗

Federated Trust

OpenID Federation enables establishment of trust relationships between identity providers, credential issuers, and relying parties across organizational boundaries. proConsul orchestrates federation metadata, entity statements, and trust chain validation. Critical for cross-border EUDI Wallet scenarios and international identity federation.

EUDI Wallet Ecosystem

Designed to support the European Digital Identity Wallet ecosystem with compliance for Architecture Reference Framework (ARF) specifications

EUDI Wallet Trust & Lifecycle

EUDI Wallet trust and lifecycle flows showing credential issuance, attestation, and verification patterns

EUDI Wallet Payments Flow

Example use case: EUDI Wallet payment authentication flow demonstrating credential presentation and strong customer authentication

Wallet Attestation

Support for Wallet Secure Cryptographic Device (WSCD) attestation. Integration with trusted execution environments, secure elements, and hardware security modules to provide cryptographic assurance of wallet authenticity.

Credential Formats

Support for multiple credential formats required by EUDI ARF including ISO/IEC 18013-5 mDL (mobile driving license), W3C Verifiable Credentials, and SD-JWT (Selective Disclosure JWT).

Cross-Border Recognition

Orchestrate cross-border credential recognition scenarios. Manage attribute mapping, trust framework alignment, and mutual recognition agreements between member states.

Trust Framework Integration

Connect with national and European trust frameworks. Integrate with qualified trust service providers (QTSPs), national identity schemes, and attribute providers across the EUDI ecosystem.

WSCD Options and Threats

Analysis of Wallet Secure Cryptographic Device (WSCD) implementation options, associated threat models, and certification requirements

API Capabilities

Comprehensive REST and GraphQL APIs for programmatic platform access

🔌

RESTful APIs

Standards-based REST APIs providing access to credential lifecycle operations, policy management, workflow orchestration, and reporting functions. OpenAPI 3.0 specifications available for all endpoints. OAuth 2.0 and JWT-based authentication. Comprehensive error handling and validation.

GraphQL APIs

Flexible GraphQL endpoints for complex queries and data aggregation. Single request can retrieve related data across multiple resources. Strongly typed schema with introspection support. Subscription support for real-time updates on credential status changes and workflow completions.

🔔

Webhooks & Events

Event-driven integration via webhooks. Subscribe to events including credential issuance, revocation, policy changes, and approval completions. Configurable retry logic and delivery guarantees. Webhook signature verification ensures authenticity. Support for CloudEvents standard format.

📚

Developer Portal

Comprehensive developer documentation, API reference, interactive API explorer, and code samples. SDKs available for major programming languages. Sandbox environment for testing integrations. API versioning and deprecation policies clearly documented.

Integration Patterns

Common integration patterns for connecting proConsul to your ecosystem

Synchronous Request-Response

Direct API calls for real-time operations. Client makes request, proConsul processes immediately, and returns response. Suitable for low-latency requirements like authentication, credential verification, and policy evaluation.

Asynchronous Processing

Long-running operations use asynchronous patterns. Client submits request, receives job identifier, and polls for completion or subscribes to webhook notification. Suitable for credential issuance requiring approvals, batch operations, and report generation.

Event-Driven Integration

Subscribe to platform events via webhooks or message queues. Receive notifications for credential lifecycle events, policy changes, threat alerts, and compliance incidents. Enables reactive architectures and real-time monitoring.

Batch Synchronization

Scheduled batch operations for bulk data exchange. Export audit logs, import user populations, synchronize policy updates, and exchange credential status information. Support for various data formats including JSON, XML, and CSV.

API Security & Rate Limiting

Authentication

OAuth 2.0 client credentials flow for service-to-service authentication. JWT bearer tokens with configurable expiry. API key authentication for simpler integrations. Mutual TLS support for highest security scenarios.

Authorization

Fine-grained authorization based on OAuth 2.0 scopes and custom claims. Role-based access control for administrative operations. Attribute-based policies for complex authorization scenarios.

Rate Limiting

Configurable rate limits prevent abuse and ensure fair resource allocation. Per-client rate limiting with burst allowances. Rate limit headers inform clients of current quota status. Graceful degradation under load.

Encryption & Transport

TLS 1.3 for all API communications with perfect forward secrecy. Certificate pinning support for mobile applications. Request and response signing for end-to-end integrity verification.

Ready to Integrate proConsul?

Contact our integration team to discuss your requirements and access developer resources.