Authentication & Authorization

The “Authentication and Authorization” service enables Gaia-X participants to authenticate other users and systems in a trusted, decentralized and self-sovereign manner without the need for a central source of authority.

Personal Credential Manager

The “Credential Manager” service enables Gaia-X users to manage their credentials themselves. To do this, the user needs secure storage (user wallet) and presentation capabilities in the authentication and authorization processes.

Organisation Credential Manager

The “Organisation Credential Manager” service establishes trust between the different participants within the decentralized Gaia-X ecosystem. It includes all trust-related functions required to manage and offer Gaia-X self-descriptions in the W3C Verifiable Credential Format. 

Trust Services API

The “trust services” service ensure that a consistent level of trust can be established between all components and participants in Gaia-X. They are the central, technical implementation of cryptographic functions for enforcing policies in the SSI context for the use of the capabilities provided in a decentralized and self-governing manner.

Federated Catalogue

The “Federated Catalogue” service include a catalog where Gaia-X resources, asset items, and participants can be found by potential consumers and end users. Resources, asset items and participants are provided at Gaia-X using self-descriptions.

Data Contract Service

The “Data Contract Service” enables data exchange in a secure, trustworthy and auditable way in the Gaia-X ecosystem. The Data Contract Service provides interfaces for negotiating data contracts that define the agreed terms (Data Asset Usage Policy) for the planned data exchange.

Data Exchange Logging Service

The “Data Exchange Logging Service” is used to run evidence whether data has been transmitted, received and rules and terms of use (data usage policies) have been respected or not within the Gaia-X ecosystem.

Continuous Automated Monitoring

The “Continuous Automated Monitoring” service provides Gaia-X users with transparency about whether individual service offerings in a Gaia-X Federated Catalog are compliant with the rules. This compliance is based on certain requirements and rules that Gaia-X itself has set for its system.

Onboarding & Accreditation Workflows

The “Onboarding & Accreditation Workflow” service ensures that all participants and offerings within the Gaia-X ecosystem undergo a validation process before being added to the Federated Catalog.

Notarization API

The “Notarization” service authenticates given master data and transforms it into a W3C-compliant, digitally verifiable representation. These tamper-proof digital assertions about specific attributes are central to gaining the desired trust in provided self-descriptions of assets and participants.


The “portal” service serves as a reference architecture for interacting with core service functions via an intuitive user interface and corresponding back-end implementation functions. The user interface provides mechanisms for interacting with core functions via API calls.


The “Orchestration” service allows Gaia-X consumers to instantiate and manage infrastructure services, such as virtual machines, from the Federated Catalog search results via the Gaia-X portal.

IDM & Trust Architecture

Core considerations related to:

  • Decentralized identity management
  • Trust Layer with signature and validation mechanisms
  • Service components/features supporting on-/offboarding processes
  • Access management