Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Learn how to issue and manage Verifiable Credentials and Presentations.
Verifiable Credentials are a tamper-evident data format for asserting a set of claims about a subject. You can issue and verify Verifiable Credentials and Presentations without building complex integrations, using our simple Credential Service APIs.
If you want to learn more about what Verifiable Credentials and Presentations are, please go over to our learning site here.
Make sure you've set up your account with Credential Service, then you can start to:
Credential Service supports two major digital Credential types and uses our Veramo SDK Plugin under the hood. Below you can learn about these Credential formats:
Below are a list of alternatives for using Credentials with cheqd support. Each offers a different set of protocols and underlying technical capabilities.
Learn about Verifiable Credentials and Presentations
Issue Credentials
Issue W3C conformant Verifiable Credentials easily over REST API.
Verify Credentials
Verify whether Credentials are valid, have been tampered or have expired.
Verify Presentation
Verify whether a combination of Credentials are valid, have been tampered or have expired.
JSON (JWT)
JSON Web Token (JWT) Credentials are a simple way to transmit Trusted Data as a JSON object.
JSON-LD
JSON-LD (Linked Data) Credentials are a richer data format, allowing applications to follow embedded links to other pieces of Linked Data across the web.
Veramo
The Veramo SDK Plugin is an extension of the Veramo SDK, a JavaScript framework for Trusted Data, adding support for cheqd functionality.
Credo
Credo is an SDK which supports ZKCreds (AnonCreds) and regular Verifiable Credentials natively with cheqd support.
Walt.id SSI Kit
Walt.id SSI Kit is an SDK that supports the European Architecture and Reference Framework (ARF) standards for identity, with full cheqd support.
Setup your wallet to receive credentials
Credential Service currently is setup to work with the Verida Wallet. In 2024, we will be building compatibility with a full suite of other digital identity wallets.
On the "Profile" tab, you will see your did:vda
address under the section "DID".
For example: "did:vda:testnet:0xD7477C4a75143Af16A967381d09650A533Bd0DD7"
A scannable QR code
The profile icon of the Verida DID that issued / signed the credential
A tick of approval indicating the credential has been verified
Credentials stored with the will automatically be rendered in the Verida Wallet as a credential. This custom display includes:
Issue conformant W3C Verifiable Credentials over REST API
Using the /credential/create
API, it is possible to issue Verifiable Credentials, signed by a cheqd DID, in a few clicks or lines of code.
Make sure you have set up your account with Credential Service and are logged in, using our guide below:
Before you can issue a Verifiable Credential, you need to create an Issuer DID which is used to sign the Credential payload. Use the API in the page below to create an Issuer DID:
Again, before you issue a Verifiable Credential, you need to know to whom you are issuing it. If you need to create a Subject DID, you can take a look at the page here:
Within the JSON object of the API request, you will need to input the issuer
and subject
information, as well as the attributes
which you want to issue in the Credential. You may also want to add additional fields such as a credentialSchema
.
Users have two options for compiling the Credential bodies and issuing Verifiable Credentials:
Filling out a simple form using the application/x-www-url-form-encoded
option on the Swagger UI.
Compiling a Credential body yourself using the application/json
option on the Swagger UI.
This is the easiest way to issue Credentials and is recommended for users who are not overly familiar with compiling JSON objects.
Using the application/x-www-url-form-encoded
option on the Swagger UI, users are able to choose between the following variables and options to issue Verifiable Credentials:
Below are a set of examples of alternative input parameters for users to specify the bitstring index of the issued Credential. The bitstring index is where exactly the issued credential will map to within the Status List. This should be noted and stored by the issuer to keep a record of which issued credentials are active, revoked or suspended:
Ensure that the "statusPurpose"
and "statusListName"
is the same as the existing Status List on-ledger.
Instead of using simple form variables, you can issue a Verifiable Credential using a JSON payload with the application/json
option on the Swagger UI.
Below is an example of the request format for issuing a Verifiable Credential using a custom JSON payload, including some of the possible parameters:
Execute the API below to issue a Verifiable Credential, signed by your issuer DID.
Below are a list of alternatives for using Credentials with cheqd support. Each offers a different set of protocols and underlying technical capabilities.
t
Set up your account
Set up your account with cheqd Credential Service and log in to start using the APIs.
Create an Issuer DID
Create a W3C conformant DID on cheqd using the did:cheqd
DID Method.
Create a Subject DID
Create an off-ledger did:key
or did:vda
Subject DID to receive a Verifiable Credential.
Setup Verida Wallet
Learn about setting up your Verida wallet to receive a did:vda
address.
Veramo SDK Plugin
The Veramo SDK Plugin is an extension of the Veramo SDK, a JavaScript framework for Trusted Data, adding support for cheqd functionality.
Credo
Credo is an SDK which supports ZKCreds (AnonCreds) and regular Verifiable Credentials natively with cheqd support.
Walt.id SSI Kit
Walt.id SSI Kit is an SDK that supports the European Architecture and Reference Framework (ARF) standards for identity, with full cheqd support.
Verify a Credential using Credential Service
Once you have issued your credential and have a JWT as part of the credential proof, you can use the /credential/verify
API to check that the JWT has not been tampered.
To verify a Credential, you can either pass the full Credential body or the JWT proof. These can be either obtained from a Credential that has been issued or from a Verifiable Presentation presented to the user.
The user is able to set verification parameters to filter whether they want to verify certain aspects of a Credential, including:
Simply paste the JWT or the full credential body into the request field of the /credential/verify
API, and the API will give you a response including the following verification policies:
Whether the Credential has been tampered
Whether the Credential has a valid issuance date
Whether the Credential has expired
Whether the Credential Status is valid
Using cheqd's innovative DID-Linked Resource module, cheqd is able to support decentralized and scalable Verifiable Credential revocation and suspension. Using this API, the user is able to choose whether they would like to publish the revocation status to the cheqd ledger or elsewhere.
It is best practice for issuers to keep a record of the Credentials they have issued, including the "statusListIndex
" of the Credentials. From this record system, issuers should be able to fetch either the full Credential Body or the JWT proof of the Credential they want to revoke.
When revoking a Credential, issuers can decide whether they want to publish an updated Status List on-ledger, with the revoked credential index updated in the bitstring. The parameter below can be changed to reflect this:
Paste the Credential Body or JWT into the API below and execute the API to revoke the Credential.
Users are also able to suspend Verifiable Credentials. The difference between revocation and suspension is that suspended Credentials may be unsuspended at a future date; whereas, revoked credentials are permanently revoked.
It is best practice for issuers to keep a record of the Credentials they have issued, including the "statusListIndex
" of the Credentials. From this record system, issuers should be able to fetch either the full Credential Body or the JWT proof of the Credential they want to suspend.
When suspending a Credential, issuers can decide whether they want to publish an updated Status List on-ledger, with the suspended credential index updated in the bitstring. The parameter below can be changed to reflect this:
Paste the Credential Body or JWT into the API below and execute the API to suspend the Credential.
If a Credential has been suspended, and an Issuer wants to unsuspend the Credential to make it once again valid, the Issuer can reinstate a suspended Credential.
It is best practice for issuers to keep a record of the Credentials they have issued, including the "statusListIndex
" of the Credentials. From this record system, issuers should be able to fetch either the full Credential Body or the JWT proof of the Credential they want to unsuspend.
When unsuspending or reinstating a Credential, issuers can decide whether they want to publish an updated Status List on-ledger, with the unsuspended credential index updated in the bitstring. The parameter below can be changed to reflect this:
Paste the Credential Body or JWT into the API below and execute the API to unsuspend the Credential.
A Verifiable Presentation is a collection of multiple Verifiable Credentials that are being presented by a holder
to a verifier
. In addition to checking whether the Credentials are untampered, Verifiable Presentation verification also checks that the holder
subject DID is valid.
To verify a Credential, you can either pass the full VP-JWT string or a JSON object. These can be either obtained from a Verifiable Presentation presented to the user.
The user is able to set verification parameters to filter whether they want to verify certain aspects of a Presentation, including:
Use the API below to verify a Presentation
Verida wallet
Download the Verida wallet to receive credentials issued by cheqd's Credential Service to a did:vda
address.