This pattern is particularly evident in public authorities, educational institutions and regulated industries: digital processes work up to the moment when identity and commitment play a role. As soon as it comes to identity verification, consent, authorisations or signatures, the procedure switches to paper or a personal visit. Not out of habit, but because identity and consent are often not consistently verifiable digitally.

With the European Digital Identity Wallet (EUDI Wallet), a framework is being created in Europe that addresses precisely this issue: Identity and official proofs should become usable in such a way that online services are not only convenient, but resilient. Together with esatus, we have demonstrated how an EUDI wallet-supported login can be implemented in OpenCloud and how verified identity data can be used directly in applications. This creates a basis for collaboration spaces in which only people whose identity has been officially verified via the EUDI Wallet (e.g. by ID card) can work.

What is the EUDI Wallet?

Simply put, the EUDI Wallet is a wallet app for official proofs of identity. Users should be able to use it to digitally manage and present evidence in a targeted manner, for example, depending on the national implementation:

• proof of identity (e.g. ID card)
• authorisations (e.g. driving licence)
• qualifications (e.g. school or university degree)
• other official documents (e.g. certificate of good conduct)
• . certificate of good conduct)

One thing is particularly important when dealing with authorities: identity is not only checked at the beginning of an online contact, but can be reliably verified throughout the entire process.

Why this is relevant for administrations and organisations

The use of verified proof of identity in the login process is particularly relevant wherever reliable identity verification, controlled access and traceable digital processes are required. This applies to public authorities as well as regulated industries and KRITIS and NIS2-regulated organisations.

This is also interesting for closed digital workspaces across institutional boundaries, for example in collaboration between municipalities, special-purpose associations or project-related partners. Where several organisations work together on documents and processes, a classic account login is often not enough. In such cases, it is important to be able to clearly assign a person's identity and securely check their authorisation for the respective room or process.

EUDI wallet login in OpenCloud via QR code

In many environments, a classic account login is not enough. The question is: Who is this person really and are they allowed in this room? This is exactly where the EUDI wallet login in OpenCloud comes in.

How the login works:

1. Users open OpenCloud in their browser.
2. OpenCloud displays a QR code when they log in.
3. The QR code is scanned with the smartphone.
4. Authentication takes place in the EUDI Wallet app, in which the identity is officially verified (e.g. by ID card).
5. After successful confirmation, verified identity data is transmitted from the wallet to the application.
6. On this basis, the login to OpenCloud takes place.

OpenCloud becomes a workspace in which only people who have confirmed their access via verified proof can move around.

"The implementation was achieved with little effort, as OpenCloud consistently relies on open standards such as OpenID Connect and can be integrated into existing setups via Keycloak," says Tobias Baader, Product Manager at OpenCloud.

What a verified login changes in practice

A verified login is not just another way to open a user account. It opens a workspace in which the identity of those involved is verifiably secured on the basis of official proof. For public authorities, this is particularly relevant in three situations.

Firstly, where collaboration must be deliberately closed, for example in committees, internal coordination, contract awards or sensitive project groups. Secondly, in cross-departmental and cross-level scenarios in which several departments are involved and responsibility must not get "lost in e-mail processes". Thirdly, wherever external parties are involved without wanting to relinquish control over identities and access models: municipalities, special-purpose organisations, sponsors, holding companies or project-related partners.

"The added value of a wallet login lies in the fact that identity is not only checked, but can be used reliably throughout the entire process. Together with OpenCloud, we are showing how this approach can be translated into a concrete login process, thus creating the basis for traceable digital processes," says Dr Andre Kudra, CIO, esatus AG.

Once the login has been verified, the OpenCloud environment can be viewed as a controlled space in which documents, roles, versions and responsibilities fit together neatly.

An important basis for signatures without a paper trail

The wallet login does not automatically make documents legally binding. However, it strengthens the chain of evidence because access is linked to a verified identity, making it clearer who has actually acted in a closed workspace.

In many procedures, legally binding documents are only created through regulated signature or sealing processes (depending on the requirements and legal basis). The verified login is an important basis for this: it creates the prerequisite that approvals and signatures can then be consistently anchored digitally in the workflow.

Documents should be able to become legally binding where they are created and processed. Not as a special process in a separate tool, not as a media break, but as a consistent component of the workflow. In practice, this means that a template is agreed in OpenCloud, finalised, submitted for approval and the decisive confirmation is provided digitally, linked to a verified identity.

This changes the nature of administrative work. Signing and approval are no longer treated as an analogue process "outside" the system, but as a traceable step in the digital process. This strengthens verifiability, both internally and externally.

Status: technical foundation

The technical foundation was laid together with esatus: Identity can be verified via the EUDI Wallet and integrated into the login process. In future, signature and approval processes will also be mapped digitally on this basis.

The core elements were demonstrated in practice:

• Verified login in OpenCloud (wallet-supported, identity officially verified, e.g. by ID card)
• Verified login in OpenCloud (wallet-supported, identity officially verified, e.g. by ID card) by ID card)
• QR code flow (browser → smartphone → wallet authentication)
• Use of verified identity data for login
• Collaboration with esatus
• Perspective: signed documents as the next logical step

If you are interested in testing this in real scenarios: A Closed Beta is available at enquiry, in which organisations can test the approach in a defined framework and provide feedback.