HID

HID Origo is the issuing platform; AE orchestrates user and credential requests via its API.

Apple Wallet

via HID Origo Integration Service

Google Wallet

via HID Origo Integration Service

Samsung Wallet

—

Lifecycle authority

HID Origo

Status events from

HID Origo (CloudEvents batch)

Status

Active integration

Sequence flows

appleios

Apple Wallet issuance (iOS)

20 steps · 6 actors · 4 crypto envelopes

API surface

Mobile Identities v2.2legacy

Older SCIM-based API. User + Invitation Code + Credential Container + Mobile ID + Part Number model. Likely the legacy issuance path; the Guardian doc's "MOB Key" maps to a v2.2 Part Number.

Credential Management v3.xactive

Newer Pass-based API. Pass + Pass Template + Credential + PPPU. Matches the SDK calls in the AE engineering deck (origoKeysManager?.setupEndpoint(target:.appleWallet)).

HID's structural difference is policy-driven, not technical: HID does not allow their partners to act as Credential Managers. AE routes through HID Origo for both Apple and Google. Webhooks land at HID, who then notifies AE via CloudEvents batch deliveries. HID also routes through HID TSM (Trusted Service Manager) en route to the wallet platforms.