Skip to main content

Architecture and Components

Procivis One is a modular system for digital identity and credentials. This page covers how the system is composed and what each component does.

Architecture

Procivis one architecture diagram

The architecture diagram shows the full system: the open source Core at the foundation, the components built on top of it, and the integration interfaces (REST API, SDK, and mobile SDK) that connect them to external systems and applications.

Components

Procivis One is made up of five components: Core, Desk, Wallet-Relying Party Registry, Mobile, and OpenID Bridge.

Core

Procivis One Core component diagram

The Procivis One Core is the open source foundation of the system. It integrates into applications via REST API, server SDK, or mobile SDK (React Native, Swift, Kotlin).

Core capabilities include:

  • Credential lifecycle — issue, hold, verify, revoke, and suspend credentials across all supported formats and identifiers
  • Certificate management — generate certificate authorities, issue and sign certificates, and manage revocation via CRL, without external PKI infrastructure
  • Wallet provider — issue wallet unit attestations (WUA), wallet instance attestations (WIA), and manage trust list collections for wallets
  • Trusted list publishing — publish and manage trusted lists in supported formats

See Standards for the current list of supported technologies and protocols.

Procivis One Core on GitHub · Core API reference

Desk

Procivis One Desk component diagram

Desk is the enterprise backend component. It wraps the Core with functionality designed for organizational deployments. Desk capabilities include:

  • IAM integration — integrate with your existing identity provider with streamlined OpenID Connect token exchange and role-to-permission mapping
  • Multi-tenant organization management — run multiple organizations and manage their resources independently within a single deployment
  • Country profiles — pre-configured credential format and protocol settings for supported national ecosystems, simplifying compliance for users
  • Desk UI — a no-code web interface for managing the full capabilities of Core, Desk, WRPR, and OpenID Bridge

credential issuance, verification, and WRPR registration. Teams with deep API integrations may use it selectively alongside direct API access

Desk API reference · Try the Desk UI

Wallet-Relying Party Registry

Procivis One Wallet-Relying Party Registry component diagram

The Wallet-Relying Party Registry (WRPR) is infrastructure for national wallet-relying party registration schemes. It handles registrar functions for national registry compliance (EU 2025/848, ETSI TS 119 475, ETSI TS 119 411-8) and certificate provisioning (access certificates and registration certificates). The WRPR service runs on Core and can be operated standalone or together with Desk — when deployed with Desk, the Desk UI provides the registrar interface with the enterprise backend benefits of Desk.

Wallet-Relying Party Registry · WRPR API reference

Mobile

The Mobile component covers two applications built on the Core's mobile SDK:

Wallet App — a digital wallet for holding and presenting credentials. Available as an open source reference implementation that can be white-labelled, or embedded into an existing app using the One Core React Native SDK and React Native Components library.

Verifier App — an enterprise mobile verifying application supporting offline verification over Bluetooth Low Energy (BLE) in both OID4VP and ISO mdoc flows. The app is available on app stores and can be initialized in our trial environment for testing and demonstration.

Procivis One Wallet on GitHub · React Native SDK on GitHub · SDK documentation

OpenID Bridge

The OpenID Bridge integrates verifiable credentials into existing IAM systems, enabling credential-based login for any OIDC provider without replacing existing infrastructure. Available under an enterprise license.

OpenID Bridge documentation

Licensing

Open sourceEnterprise
Procivis One CoreProcivis One Desk
Procivis One Wallet AppProcivis One Verifier App
One Core React Native SDKProcivis One Business Wallet
One React Native ComponentsWallet-Relying Party Registry
OpenID Bridge

Procivis on GitHub · Contact us for enterprise licensing

Platform characteristics
  • Flexible — modular architecture supporting multiple protocol stacks, extensible to avoid lock-in, and meeting the technical requirements of eIDAS 2.0 and the Swiss e-ID ecosystem.
  • Interoperable — standardized protocols for credential lifecycles ensure maximum compatibility with software from other vendors. See supported standards.
  • Performant — scalable and suitable for deployments with millions of users, digital identities, and credentials.
  • Deployable — runs in your data center, at your preferred cloud provider, or on IoT devices.
  • Privacy by design — decentralized data storage and data minimization by default.
  • Enterprise ready — supported and actively developed, meeting requirements for production use by authorities and enterprises.
  • End-to-end — covers issuance, management, and verification from a single source.