Module Reference

All IDK modules follow the com.sphereon.idk:<artifact-id> naming convention and are versioned together. Use the BOM to align versions, or specify 0.25.0 explicitly.

Modules marked with -public contain interfaces, data classes, and common logic. Modules marked with -impl (or -default) contain injectable implementations. See Installation for details on this pattern.

Core

Module	Description
lib-core-api-public	Core interfaces, IdkResult, error types, scope definitions (AppScope, UserScope, SessionScope), AbstractAppGraph base class
lib-core-api-default	Default implementations: root scope provider, session context manager, graph factories
lib-conf-settings	Configuration system: property sources, property resolution, secrets, multi-tenancy
lib-core-events-public	Event bus interfaces and event types
lib-core-events-impl	Event bus implementation and DI contributions
lib-core-loggers-mobile-logger	Mobile logging provider with in-memory buffer, platform-native output (Logcat / NSLog), and log export
lib-core-test	Test utilities and helpers for IDK-based tests
lib-core-compat	Compatibility layer for cross-platform APIs

HTTP Client

Module	Description
lib-data-link-http-client-public	HTTP client factory interface and configuration
lib-data-link-http-client-impl	Ktor-based HTTP client implementation

Cryptography

Module	Description
lib-crypto-core-public	Identifier resolution (IIdentifierService), signing/verification interfaces, COSE/JOSE types, X.509 models
lib-crypto-core-impl	Identifier resolution implementations, JWS/JWE/COSE operations, X.509 chain validation

KMS Providers

Module	Description
lib-crypto-kms-provider-software	Software-based key storage using in-memory or file-backed keys. Available on all platforms
lib-crypto-kms-provider-mobile	iOS Secure Enclave and Android Keystore integration
lib-crypto-kms-provider-aws	AWS KMS integration
lib-crypto-kms-provider-azure	Azure Key Vault integration
lib-crypto-kms-provider-rest	Remote KMS via REST API
lib-crypto-kms-rest-api	KMS REST API models (shared between client and server)
lib-crypto-kms-rest-server	KMS REST server (expose a KMS over HTTP)

Decentralized Identifiers (DID)

Module	Description
lib-did-core-public	DID Document model, DID URL parsing, verification method types
lib-did-resolver-public	DidResolver interface, resolution metadata, resolution options
lib-did-resolver-impl	Composite DID resolver, resolution caching, DI contributions
lib-did-manager-public	DidManager interface for creating, updating, and deactivating DIDs
lib-did-manager-impl	DID management implementation

DID Methods

Module	Description
lib-did-methods-key	did:key method: self-contained key-based DIDs
lib-did-methods-jwk	did:jwk method: JWK-encoded DIDs
lib-did-methods-web	did:web method: DNS-anchored DIDs resolved over HTTPS

DID Persistence

Module	Description
lib-did-persistence-api	Persistence interface for DID document storage
lib-did-persistence-memory	In-memory DID persistence (development/testing)
lib-did-persistence-sqlite	SQLite-backed DID persistence

DID Server

Module	Description
lib-did-rest-resolver-server	Universal Resolver compatible REST server

Trust Establishment

Module	Description
lib-trust-core-public	TrustValidationService interface, TrustContext, TrustStatus, TrustAnchor, revocation interfaces
lib-trust-core-impl	Composite trust validator, composite revocation checker (OCSP + CRL), caching
lib-trust-etsi-entities-public	ETSI TS 119 612/602 entity models (trust service providers, services, service history)
lib-trust-etsi	ETSI trust list parsing (XML TSL + JSON LoTE), trust list resolution, XML signature verification
lib-trust-x509	X.509 trust validation: CA bundle matching, fingerprint comparison, chain building
lib-trust-did	DID-based trust: method allow-lists, trusted DID lists, controller chain validation
lib-trust-oidfed	OpenID Federation trust: trust chain resolution, trust mark verification

SD-JWT

Module	Description
lib-sdjwt-public	SD-JWT interfaces, disclosure models, CNF builder, holder binding types
lib-sdjwt-impl	SD-JWT issuance, verification, and selective disclosure implementation

OAuth 2.0

Module	Description
lib-oauth2-common-public	Shared OAuth2 types: token models, error types, grant types
lib-oauth2-common-impl	Shared OAuth2 implementations
lib-oauth2-client-public	OAuth2Client interface, DpopService, PkceService, token request/response models
lib-oauth2-client-impl	OAuth2 client implementation: authorization code, client credentials, pre-authorized code, token exchange, DPoP, PKCE
lib-oauth2-server-authorization-public	AuthorizationServerService interface, command models for all grant types, storage interfaces
lib-oauth2-server-authorization-impl	Authorization server implementation: RFC 6749, 7636, 8693, 9449, 9126, 7662, 7009, 8414, OIDC
lib-oauth2-server-resource-public	Resource server token validation interfaces
lib-oauth2-server-resource-impl	Resource server implementation

JWT Validation

Module	Description
lib-oauth2-jwt-validation-api	JwtValidationService interface, IdpConfig with factory methods for OIDC/Keycloak/Azure AD/Auth0/Okta
lib-oauth2-jwt-validation-impl	JWT validation implementation with JWKS fetching, caching, and multi-tenant support

OpenID4VP

Module	Description
lib-openid-oid4vp-dcql	DCQL (Digital Credentials Query Language) query parser and evaluator
lib-openid-oid4vp-common-public	Shared OID4VP types: authorization request/response, presentation definition models
lib-openid-oid4vp-common-impl	Shared OID4VP implementations
lib-openid-oid4vp-holder-public	Holder/wallet interfaces for processing authorization requests and creating presentations
lib-openid-oid4vp-holder-impl	Holder implementation
lib-openid-oid4vp-verifier-public	Verifier/relying-party interfaces for creating requests and validating presentations
lib-openid-oid4vp-verifier-impl	Verifier implementation
lib-openid-oid4vp-universal-public	Combined holder + verifier with HTTP adapter for same-device and cross-device flows
lib-openid-oid4vp-universal-impl	Universal OID4VP implementation
lib-openid-oid4vp-auth-bridge-public	Authentication bridge: converts OID4VP presentations into OAuth2 token responses
lib-openid-oid4vp-auth-bridge-impl	Auth bridge implementation

Credential Claims Mapping

Module	Description
lib-credential-claims-mapper-public	Interfaces for mapping and transforming credential claims across formats
lib-credential-claims-mapper-impl	Claims mapper implementation

Mobile Credentials (mDoc)

Module	Description
lib-cbor-public	CBOR encoding/decoding types
lib-mdoc-core-public	mDoc/mDL data models, device request/response, issuer-signed items
lib-mdoc-core-impl	mDoc core implementation: CBOR encoding, session encryption, MSO verification
lib-mdoc-datatransfer-public	Engagement manager, transfer manager, event hub interfaces
lib-mdoc-datatransfer-impl	Data transfer orchestration implementation
lib-mdoc-reader	Reader/verifier utilities for mDoc presentation verification

mDoc Transports

Module	Description
lib-mdoc-transport-ble-public	BLE transport interfaces
lib-mdoc-transport-ble-impl	Bluetooth Low Energy transport (central and peripheral mode)
lib-mdoc-transport-nfc	NFC transport with Host Card Emulation (HCE)
lib-mdoc-transport-restapi	HTTP/WebSocket transport for server-based relay
lib-mdoc-transport-oid4vp	OID4VP-based mDoc transport

mDoc Data Link

Module	Description
lib-data-link-ble-public	Low-level BLE data link interfaces
lib-data-link-nfc-public	Low-level NFC data link interfaces
lib-data-link-nfc-impl	NFC data link implementation

Data Storage

Key-Value Store

Module	Description
lib-data-store-kv-public	KvStore interface, query options, scope binding
lib-data-store-kv-impl	KV store service and DI wiring
lib-data-store-kv-impl-memory	In-memory KV backend (development/testing)
lib-data-store-kv-impl-kottage	Kottage-backed persistent KV store

Blob Store

Module	Description
lib-data-store-blob-public	BlobStore and BlobService interfaces, CAS, metadata search
lib-data-store-blob-impl	Blob service orchestration and DI wiring
lib-data-store-blob-impl-memory	In-memory blob backend
lib-data-store-blob-impl-fs	Filesystem blob backend
lib-data-store-blob-impl-kv	KV-backed blob backend
lib-data-store-blob-client-http	Remote HTTP blob client

Party Data

Module	Description
lib-data-store-party-public	Party, Identity, Tenant, and CorrelationIdentifier data models

Identity

Module	Description
lib-identity-matching-public	IdentityMatch, IdentifierType, IdentityMatchStore, ReconciliationCryptoService interfaces
lib-identity-matching-impl	In-memory and Kottage-backed match store implementations
lib-identity-resolution-public	IdentityResolver interface, IdentityResolutionResult, resolution config
lib-identity-resolution-impl	Matching-based identity resolver implementation
lib-identity-reconciliation-public	ReconciliationPlan, ReconciliationSelectorRule, session model, commands
lib-identity-reconciliation-impl	Reconciliation orchestrator, KMS-backed crypto, session stores
lib-idv-public	IDV workflow models: use case definitions, graph nodes, method definitions, materialization rules, assurance/compliance profiles
lib-idv-oidc	OIDC method driver for IDV workflows
lib-idv-wallet	Wallet/OID4VP method driver for IDV workflows

Theme and UI

Module	Description
lib-conf-theme-core-public	Theme configuration interfaces (colors, typography, spacing)
lib-conf-theme-core-impl	Theme configuration implementation
lib-conf-theme-compose	Jetpack Compose theme integration
lib-conf-theme-web	Web theme integration
lib-ui-compose	Reusable Jetpack Compose UI components

Framework Integration

Module	Description
ktor-server-kotlin-inject	Ktor server plugin for IDK DI integration

Convenience

Module	Description
lib-all	Includes all IDK modules transitively. Use for quick starts or when binary size is not a concern
idk-bom	Bill of Materials for version alignment across selective dependencies