Issue credential

POST 
/v2/config/digital-wallet/openid/sdjwt/credential/issue

This endpoint is used to issue credentials based on the OID4VCI specification. It supports two issuance modes: InTime and Deferred. In InTime mode, the credential is mandatory and is issued immediately. In Deferred mode, the credential can be issued at a later time by calling the Issue deferred credential API.

Request

application/json

Body

oneOf

With credential definition

issuanceMode stringrequired

Issuance mode: InTime for immediate availability, Deferred for issuance after backend processing.

userPin string

Indicates if a userPin is needed with the Token Request. If not needed, this object is absent by default.

credentialDefinitionId stringrequired

Identifier for the credential definition.

credential object

The credential being issued, containing various attributes. It contains type,credentialSubject and credentialMetadata fields. The type indicates the credential type for e.g. PortableDocumentA1, credentialSubject defines the data attributes for a verifiable credential and credentialMetadata defines additional metadata for a verifiable credential

type string[]

credentialSubject object

property name* any

credentialMetadata object

property name* any

vct string

doctype string

claims object

credentialOfferEndpoint string

Credential offer endpoint of the holder wallet. If specified, the issuer will send the credential offer directly to this endpoint making it an issuer initiated issuance.

Dynamic credential request

issuanceMode stringrequired

Issuance mode: InTime for immediate availability, Deferred for issuance after backend processing.

credentialDefinitionId stringrequired

Identifier for the credential definition. Either this or credential must be present.

credential object

The credential being issued, containing various attributes. It contains type,credentialSubject and credentialMetadata fields. The type indicates the credential type for e.g. PortableDocumentA1, credentialSubject defines the data attributes for a verifiable credential and credentialMetadata defines additional metadata for a verifiable credential

type string[]

credentialSubject object

property name* any

credentialMetadata object

property name* any

vct string

doctype string

claims object

presentationDefinitionId stringrequired

Identifier for the presentation definition.

credentialOfferEndpoint string

Credential offer endpoint of the holder wallet. If specified, the issuer will send the credential offer directly to this endpoint making it an issuer initiated issuance.

Responses

200

Response Headers

application/json

Schema

Schema

credentialHistory object

CredentialExchangeId string

Identifier for the credential exchange record

issuanceMode string

Issuance mode: InTime for immediate availability, Deferred for issuance after backend processing.

isPreAuthorised boolean

Indicates if the grant type is pre-authorised or authorized code flow.

credentialOffer string

Credential offer defined as per OID4VCI draft 12 specification.

credentialStatus string

Possible values: [pending, ready]

Credential status: pending for issuance, ready for issuance.

status string

Possible values: [offer_sent, offer_received, credential_issued, credential_acked, credential_accepted, credential_deleted]

It support 6 credential offer statuses: 1. offer_sent: Indicates the credential offer has been sent to the holder. 2. offer_received: Indicates the credential offer has been received/scanned by the holder. 3. credential_issued: Indicates the credential has been issued to the holder. 4. credential_acked: Indicates the credential has been seen by the holder. 5. credential_accepted: Indicates the credential has been accepted by the holder. 6. credential_deleted: Indicates the credential has been deleted by the holder.

clientId string

Identifier for the client. For e.g. DID or URL e.t.c

userPin string

Indicates if a userPin is needed with the Token Request. If not needed, this object is absent by default.

createdAt number

Timestamp when the record was created.

updatedAt number

Timestamp when the record was updated.

credential object

The credential being issued, containing various attributes. It contains type and credentialSubject fields. The type indicates the credential type for e.g. PortableDocumentA1 and credentialSubject defines the data attributes for a verifiable credential.

property name* any

The credential being issued, containing various attributes. It contains type and credentialSubject fields. The type indicates the credential type for e.g. PortableDocumentA1 and credentialSubject defines the data attributes for a verifiable credential.

disclosureMapping object

Mapping of credential subject attributes to limited disclosure for SD-JWT credentials.

property name* any

Mapping of credential subject attributes to limited disclosure for SD-JWT credentials.

presentationDefinitionId string

Identifier for the presentation definition

presentationExchangeId string

Identifier for the presentation exchange record.

holder object

Contains the metadata describing a holder. For e.g. Name, location, logo e.t.c

name stringrequired

Identifier of the holder. For .e.g. DID or Name obtained from client metadata if available.

credentialFormat string

Possible values: [jwt_vc_json, dc+sd-jwt, mso_mdoc]

Specifies the credential format for verifiable credential.

supportRevocation boolean

Specifies the verifiable credential supports revocation.

revocationStatus string

Possible values: [Operational, Revoked, Suspended]

Specifies the revocation status for verifiable credential.

clientAssertion string

Client assertion token of the holder

clientAssertionTokenType string

Client assertion token type

isClientAssertionVerified boolean

Specifies client assertion token is verified or not

walletUnitAttestation string

Specifies the wallet unit attestation credential.

walletUnitAttestationPoP string

Specifies the wallet unit attestation pop credential.

walletUnitAttestationVerified boolean

Specifies the wallet unit attestation credential is verified.

credentialToken string

Specifies the credential being issued to the holder.

cnf object

Specifies the public key jwk of the holder.

property name* any

Specifies the public key jwk of the holder.

jti string

Unique jwt token identifier for credential token

proof string

Credential request proof jwt

proofType string

Credential request proof type

decodedWalletUnitAttestation object

The decoded wallet unit attestation credential presented by the holder.

property name* any

The decoded wallet unit attestation credential presented by the holder.

idToken string

Specifies the id token that has shared by the holder

idTokenDecoded object

Specifies the decoded id token jwk that shared by the holder

idTokenVerified boolean

Specifies the id token is verified.

Example (from schema)

{
  "credentialHistory": {
    "CredentialExchangeId": "string",
    "issuanceMode": "string",
    "isPreAuthorised": true,
    "credentialOffer": "string",
    "credentialStatus": "pending",
    "status": "offer_sent",
    "clientId": "string",
    "userPin": "string",
    "createdAt": 0,
    "updatedAt": 0,
    "credential": {},
    "disclosureMapping": {},
    "presentationDefinitionId": "string",
    "presentationExchangeId": "string",
    "holder": {
      "name": "string"
    },
    "credentialFormat": "jwt_vc_json",
    "supportRevocation": true,
    "revocationStatus": "Operational",
    "clientAssertion": "string",
    "clientAssertionTokenType": "string",
    "isClientAssertionVerified": true,
    "walletUnitAttestation": "string",
    "walletUnitAttestationPoP": "string",
    "walletUnitAttestationVerified": true,
    "credentialToken": "string",
    "cnf": {},
    "jti": "string",
    "proof": "string",
    "proofType": "string",
    "decodedWalletUnitAttestation": {},
    "idToken": "string",
    "idTokenDecoded": {},
    "idTokenVerified": true
  }
}

Loading...