Latest articles

Learn how to build a secure headless CIAM layer with API-first identity to power custom login and registration journeys with full control.

Learn proven steps and pitfalls to avoid when migrating 10M+ users, including data mapping, phased cutovers, and testing for secure IAM rollouts at scale.

Discover how QR code login boosts mobile-first authentication with secure, low-friction access, better UX, and support for custom enterprise CIAM journeys.

Learn how private cloud CIAM improves security, compliance, and user experience for modern SaaS teams with flexible, cloud-native authentication flows.

At IdentityPlane, we don't treat AI as a futuristic replacement for developers; we use it as a powerful co-pilot to write high-quality, cloud-native security software faster. Our focus is simple: leverage AI to improve our code quality and enjoy the speed benefits that come with it.

A technical walkthrough on Swiss E-ID credential issuance. This guide details setting up the swiyu-issuer service, issuing a custom VC via OID4VCI, and testing a verifier security flaw by spoofing a betaid-sdjwt credential.

In this post we explore how the verification process of the Swiss E-ID works with the swiyu wallet and break down the OID4VP (OpenID) request codes used to check credentials. Step-by-step we go through the steps for developers to build their own local proof-of-concept (PoC) verifier using Docker, including how to register a DID in the SWIYU system. Finally, we analyze the communication flow and discuss a potential security weakness found during testing.