Get started with Credential Service
Understanding cheqd's Credentials-as-a-Service product offering
Introduction
The Credential Service is a set of REST APIs for using cheqd's identity functionality in a lightweight and highly efficient way.
With these APIs, it simplifies the developer experience, helping customers build Trusted Data Markets from the ground up, with zero prior knowledge of the technology under the hood. All of cheqdâs existing open-source libraries remain available, and the Credential Service does not necessitate developers to switch their SSI stack in their entirety, but allows them to build into their existing tooling, for example alongside APIs such as the Universal Resolver.
Get started
Sign in / Sign up
Head to our Credential Service and click Log In to create an account and get started.
Issue a Credential
Issue W3C conformant Verifiable Credentials easily over REST API.
Advanced config options
Run the Credential Service yourself or utilise your own external database.
Features
The Credential Service directly leverages our Veramo SDK Plugin, making a wide array of features available from launch, including:
Category | Feature | Status |
---|---|---|
Verifiable Credentials (VCs) | Issue Credential | â |
Verify Credential | â | |
Revoke Credential | â | |
Suspend Credential | â | |
Unsuspend Credential | â | |
Verifiable Presentations (VPs) | Verify Presentation | â |
Credential Payments | Create payment-gated resource | â |
Update payment-gated resource | â | |
Pay-to-verify credential status | â | |
Decentralised Identifiers (DIDs) | Create DID and DID Document | â |
Update DID Document | â | |
Resolve DID | â | |
Deactivate DID | â | |
List DIDs | â | |
Identity keys | Create identity keys | â |
Fetch identity keys | â | |
Status Lists | Create status list | â |
Publish status list | â | |
Update status list | â | |
Check status list | â | |
Search status lists | â | |
DID-Linked Resources (DLRs) | Create DID-Linked Resource | â |
Search DID-Linked Resources | â | |
Account | Create new account | â |
Fetch account details | â |
Understanding the different modes and client choices
With Credential Service, there are multiple ways it can be deployed and hosted to support clients with different requirements.
Option 1: Custodied by cheqd (Custodian Mode)
This mode is the most simple for users, allowing cheqd to custody both Cosmos AND Identity keys in Veramo KMS. This means that manages both ledger-writes and signing identity transactions on behalf of the customer.
To ensure this is highly secure, we have deployed an instance of a Veramo Key Management Store (KMS) which uses a Postgress DB (TypeOrm) to store Cosmos AND identity keys in one encrypted table, so it cannot be read in plaintext. This design allows us to segment different customers' keys securely and efficiently.
We use similar techniques to Password Managers such as 1Password and Bitwarden to ensure that even if the database were to be compromised, the keys would remain encrypted and unusable.
User optionality and toggles:
Within Custodian mode, we also enable clients to toggle
Option 2: Self-custodied (Client-managed mode)
Client-managed mode gives the Credential Service user the ability to utilise their own identity keys for signing identity transactions, while still allowing the Credential Service to manage the CHEQ account keys for writing to the cheqd network. This mode is intended to be used for more production environments where the user signs each identity transaction independently, affording a greater level of security and control to the client.
Full client-managed mode is still in development and we will update this documentation as and when it becomes available
Architecture
Under the hood, the Credential Service leverages our Veramo SDK Plugin for its identity functionality. Check out our guide on supported SDKs to understand how Credential Service fits together with our other Open Source packages.
Alternatives
Below are a list of alternatives for integrating with cheqd. Each offers a different set of protocols and underlying technical capabilities.
Veramo
The Veramo SDK Plugin is an extension of the Veramo SDK, a JavaScript framework for Trusted Data, adding support for cheqd functionality.
Credo
Credo is an SDK which supports ZKCreds (AnonCreds) and regular Verifiable Credentials natively with cheqd support.
Walt.id SSI Kit
Walt.id SSI Kit is an SDK that supports the European Architecture and Reference Framework (ARF) standards for identity, with full cheqd support.
Last updated