Issue Verifiable Credentials to AI Agent

Issue a Credential to an AI Agent or Swarm of AI Agents

Once you have created your Trust Registry for the accreditation and authorisation of the organisations in your ecosystem, you can issue a credential to your AI Agent.

Step 1: Create DID for AI Agent

Each AI Agent will need to be identified by its own DID, to which it will receive credentials and/or accreditations. This enables the AI Agent to be cryptographically able to assert control over these credentials and/or accreditations.

Create an Issuer DID

Create a W3C conformant DID on cheqd using the did:cheqd DID Method.

Step 2: Choose Schema for Credential

As described in the previous tutorial, you should have already designed and published schemas for your AI Agent ecosystem.

You must decide which schema to use for the credential you are issuing to the AI Agent. You should make sure that you as an issuer are accreditedToAttest for the specific credential schema you want to use.

Step 3: Compile Credential Request

There a few required parts of the credential issuance process, if you want to make sure the AI Agent can demonstrate it is verifiable to a root of trust.

An example of the request format is below:

{
  "issuerDid": "did:cheqd:testnet:0a35d559-00ff-41b6-81ad-f64faa522771",
  "subjectDid": "did:cheqd:testnet:a7e8bf7c-9d97-4b1e-a7bb-43a6754aafbf",
  "attributes": {
      "aiAgentName": "ChatGPT-4 Turbo",
      "aiAgentVersion": "4.0-turbo",
      "model": "GPT-4 Turbo",
      "modelVersion": "4.0",
      "contextWindow": 128000,
      "temperature": 0.7,
      "topK": 40,
      "topP": 0.9,
      "maxTokens": 4096,
      "fineTuned": false,
      "fineTuningDetails": null,
      "safetyRating": "ISO 42001 Certified",
      "evaluationMetrics": [
        "BLEU-4",
        "ROUGE-L",
        "F1 Score: 92.5%"
      ],
      "certificationAuthority": "AI Ethics Board",
      "validUntil": "2026-03-28T12:00:00Z"
  },
  "type": [
    "VerifiableCredential",
    "VerifiableAttestation",
    "AIAgentAuthorisation"
  ],
  "format": "jwt",
  "credentialSchema": "https://resolver.cheqd.net/1.0/identifiers/did:cheqd:testnet:c6630f1e-9248-4af6-b7ac-5bcaf646f213?resourceName=AIAgentAuthorisation&resourceType=JSONSchemaValidator2020",
    "termsOfUse": {
      "type": "AttestationPolicy",
      "parentAccreditation": "did:cheqd:testnet:0a35d559-00ff-41b6-81ad-f64faa522771?resourceName=AccreditationToAttest&resourceType=VerifiableAccreditationToAttest",
      "rootAuthorisation": "did:cheqd:testnet:c6630f1e-9248-4af6-b7ac-5bcaf646f213?resourceName=OrganisationAuthorisationForAIAgents&resourceType=VerifiableAuthorisationForTrustChain"
    }
}

The table below breaks down what components are required and why they are needed:

Field

Required?

Description

issuerDid

Yes

The Issuer DID issuing the credential to the AI Agent

subjectDid

Yes

The DID of the AI Agent

attributes

Yes

The specific permissions, scopes or attributes you want to issue to the AI Agent

type

Yes

The type of credential. This should match the types the issuer is accredited to issue,

format

Defaults to VC JWT

credentialSchema

Yes

The credential schema matching the attrbiutes of the credential

termsOfUse

Yes

Pointers to the accreditations of the issuer

type

Yes

Must be attestationPolicy

parentAccreditation

Yes

Must point to the accreditation of the Issuer, matching the credential type and schema

rootAuthorisation

Yes

Must point to the root authorisation that has accredited DIDs higher in the trust chain.

Step 4: Issue Verifiable Credential to AI Agent

Issue the compiled credential using the API below

Issue a Verifiable Credential

post

This endpoint issues a Verifiable Credential. As input it takes the list of issuerDid, subjectDid, attributes, and other parameters of the credential to be issued.

Authorizations

Body

Input fields for the creating a Verifiable Credential.

issuerDidstringrequired

DID of the Verifiable Credential issuer. This needs to be a did:cheqd DID.

Example: did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0

subjectDidstringrequired

DID of the Verifiable Credential holder/subject. This needs to be a did:key DID.

Example: did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK

attributesobjectrequired

JSON object containing the attributes to be included in the credential.

Example: {"name":"Bob","gender":"male"}

@contextstring[]optional

Optional properties to be included in the @context property of the credential.

Example: ["https://schema.org/schema.jsonld","https://veramo.io/contexts/profile/v1"]

typestring[]optional

Optional properties to be included in the type property of the credential.

Example: ["Person"]

expirationDatestring · date-timeoptional

Optional expiration date according to the <a href=https://www.w3.org/TR/vc-data-model/#expiration> VC Data Model specification.

Example: 2023-06-08T13:49:28.000Z

formatstring · enumoptional

Format of the Verifiable Credential. Defaults to VC-JWT.

Example: jwtAvailable options:

credentialStatusobjectoptional

Optional credentialStatus properties for VC revocation or suspension. Takes statusListName and statusListPurpose as inputs.

Example: {"statusPurpose":"revocation","statusListName":"employee-credentials"}

termsOfUseobject[]optional

Terms of use can be utilized by an issuer or a holder to communicate the terms under which a verifiable credential was issued.

Example:

{"type":"IssuerPolicy","id":"http://example.com/policies/credential/4","profile":"http://example.com/profiles/credential","prohibition":[{"assigner":"https://example.edu/issuers/14","assignee":"AllVerifiers","target":"http://example.edu/credentials/3732","action":["Archival"]}]}

refreshServiceobject[]optional

RefreshService property MUST be one or more refresh services that provides enough information to the recipient's software such that the recipient can refresh the verifiable credential.

Example: {"type":"ManualRefreshService2018","id":"https://example.edu/refresh/3732"}

evidenceobject[]optional

Evidence property MUST be one or more evidence schemes providing enough information for a verifier to determine whether the evidence gathered by the issuer meets its confidence requirements for relying on the credential.

Example:

{"type":["DocumentVerification"],"id":"https://example.edu/evidence/f2aeec97-fc0d-42bf-8ca7-0548192d4231","verifier":"https://example.edu/issuers/14","evidenceDocument":"DriversLicense","subjectPresence":"Physical","documentPresence":"Physical","licenseNumber":"123AB4567"}

Responses

application/json

objectoptional

Input fields for revoking/suspending a Verifiable Credential.

Example:

{"@context":["https://www.w3.org/2018/credentials/v1","https://schema.org","https://veramo.io/contexts/profile/v1"],"credentialSubject":{"gender":"male","id":"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK","name":"Bob"},"credentialStatus":{"id":"https://resolver.cheqd.net/1.0/identifiers/did:cheqd:testnet:7c2b990c-3d05-4ebf-91af-f4f4d0091d2e?resourceName=cheqd-suspension-1&resourceType=StatusList2021Suspension#20","statusIndex":20,"statusPurpose":"suspension","type":"StatusList2021Entry"},"issuanceDate":"2023-06-08T13:49:28.000Z","issuer":{"id":"did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0"},"proof":{"jwt":"eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6Y2hlcWQ6dGVzdG5ldDo3YmY4MWEyMC02MzNjLTRjYzctYmM0YS01YTQ1ODAxMDA1ZTAiLCJuYmYiOjE2ODYyMzIxNjgsInN1YiI6ImRpZDprZXk6ejZNa2hhWGdCWkR2b3REa0w1MjU3ZmFpenRpR2lDMlF0S0xHcGJubkVHdGEyZG9LIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3NjaGVtYS5vcmciLCJodHRwczovL3ZlcmFtby5pby9jb250ZXh0cy9wcm9maWxlL3YxIl0sImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImdlbmRlciI6Im1hbGUiLCJuYW1lIjoiQm9iIn0sInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJQZXJzb24iXX19.wMfdR6RtyAZA4eoWya5Aw97wwER2Cm5Guk780Xw8H9fA3sfudIJeLRLboqixpTchqSbYeA7KbuCTAnLgXTD_Cg","type":"JwtProof2020"},"type":["VerifiableCredential","Person"]}

post

POST /credential/issue HTTP/1.1
Host: 
x-api-key: YOUR_API_KEY
Content-Type: application/x-www-form-urlencoded
Accept: */*
Content-Length: 364

"issuerDid='did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0'&subjectDid='did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK'&attributes={'gender':'male','name':'Bob'}&@context=['https://schema.org']&type=['Person']&format='jwt'&credentialStatus={'statusPurpose':'revocation','statusListName':'employee-credentials','statusListIndex':10}"

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://schema.org",
    "https://veramo.io/contexts/profile/v1"
  ],
  "credentialSubject": {
    "gender": "male",
    "id": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
    "name": "Bob"
  },
  "credentialStatus": {
    "id": "https://resolver.cheqd.net/1.0/identifiers/did:cheqd:testnet:7c2b990c-3d05-4ebf-91af-f4f4d0091d2e?resourceName=cheqd-suspension-1&resourceType=StatusList2021Suspension#20",
    "statusIndex": 20,
    "statusPurpose": "suspension",
    "type": "StatusList2021Entry"
  },
  "issuanceDate": "2023-06-08T13:49:28.000Z",
  "issuer": {
    "id": "did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0"
  },
  "proof": {
    "jwt": "eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6Y2hlcWQ6dGVzdG5ldDo3YmY4MWEyMC02MzNjLTRjYzctYmM0YS01YTQ1ODAxMDA1ZTAiLCJuYmYiOjE2ODYyMzIxNjgsInN1YiI6ImRpZDprZXk6ejZNa2hhWGdCWkR2b3REa0w1MjU3ZmFpenRpR2lDMlF0S0xHcGJubkVHdGEyZG9LIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL3NjaGVtYS5vcmciLCJodHRwczovL3ZlcmFtby5pby9jb250ZXh0cy9wcm9maWxlL3YxIl0sImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImdlbmRlciI6Im1hbGUiLCJuYW1lIjoiQm9iIn0sInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJQZXJzb24iXX19.wMfdR6RtyAZA4eoWya5Aw97wwER2Cm5Guk780Xw8H9fA3sfudIJeLRLboqixpTchqSbYeA7KbuCTAnLgXTD_Cg",
    "type": "JwtProof2020"
  },
  "type": [
    "VerifiableCredential",
    "Person"
  ]
}

Step 5: Publish Credential Response as a DID-Linked Resource

The Issuer, after issuing the credential to the AI Agent, should publish the response (the fully formatted verifiable credential) as a DID-Linked Resource.

The response format should look like the following example, including a proof (signed by the issuer).

{
  "credentialSubject": {
    "aiAgentName": "ChatGPT-4 Turbo",
    "aiAgentVersion": "4.0-turbo",
    "model": "GPT-4 Turbo",
    "modelVersion": "4.0",
    "contextWindow": 128000,
    "temperature": 0.7,
    "topK": 40,
    "topP": 0.9,
    "maxTokens": 4096,
    "fineTuned": false,
    "fineTuningDetails": null,
    "safetyRating": "ISO 42001 Certified",
    "evaluationMetrics": [
      "BLEU-4",
      "ROUGE-L",
      "F1 Score: 92.5%"
    ],
    "certificationAuthority": "AI Ethics Board",
    "validUntil": "2026-03-28T12:00:00Z",
    "id": "did:cheqd:testnet:a7e8bf7c-9d97-4b1e-a7bb-43a6754aafbf"
  },
  "issuer": {
    "id": "did:cheqd:testnet:0a35d559-00ff-41b6-81ad-f64faa522771"
  },
  "type": [
    "VerifiableCredential",
    "VerifiableAttestation",
    "AIAgentAuthorisation"
  ],
  "termsOfUse": {
    "type": "AttestationPolicy",
    "parentAccreditation": "did:cheqd:testnet:0a35d559-00ff-41b6-81ad-f64faa522771?resourceName=AccreditationToAttest&resourceType=VerifiableAccreditationToAttest",
    "rootAuthorisation": "did:cheqd:testnet:c6630f1e-9248-4af6-b7ac-5bcaf646f213?resourceName=OrganisationAuthorisationForAIAgents&resourceType=VerifiableAuthorisationForTrustChain"
  },
  "credentialSchema": "https://resolver.cheqd.net/1.0/identifiers/did:cheqd:testnet:c6630f1e-9248-4af6-b7ac-5bcaf646f213?resourceName=AIAgentAuthorisation&resourceType=JSONSchemaValidator2020",
  "@context": [
    "https://www.w3.org/2018/credentials/v1"
  ],
  "issuanceDate": "2025-04-04T02:43:52.000Z",
  "proof": {
    "type": "JwtProof2020",
    "jwt": "eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIiwiQUlBZ2VudEF1dGhvcmlzYXRpb24iXSwiY3JlZGVudGlhbFN1YmplY3QiOnsiYWlBZ2VudE5hbWUiOiJDaGF0R1BULTQgVHVyYm8iLCJhaUFnZW50VmVyc2lvbiI6IjQuMC10dXJibyIsIm1vZGVsIjoiR1BULTQgVHVyYm8iLCJtb2RlbFZlcnNpb24iOiI0LjAiLCJjb250ZXh0V2luZG93IjoxMjgwMDAsInRlbXBlcmF0dXJlIjowLjcsInRvcEsiOjQwLCJ0b3BQIjowLjksIm1heFRva2VucyI6NDA5NiwiZmluZVR1bmVkIjpmYWxzZSwiZmluZVR1bmluZ0RldGFpbHMiOm51bGwsInNhZmV0eVJhdGluZyI6IklTTyA0MjAwMSBDZXJ0aWZpZWQiLCJldmFsdWF0aW9uTWV0cmljcyI6WyJCTEVVLTQiLCJST1VHRS1MIiwiRjEgU2NvcmU6IDkyLjUlIl0sImNlcnRpZmljYXRpb25BdXRob3JpdHkiOiJBSSBFdGhpY3MgQm9hcmQiLCJ2YWxpZFVudGlsIjoiMjAyNi0wMy0yOFQxMjowMDowMFoifSwidGVybXNPZlVzZSI6eyJ0eXBlIjoiQXR0ZXN0YXRpb25Qb2xpY3kiLCJwYXJlbnRBY2NyZWRpdGF0aW9uIjoiZGlkOmNoZXFkOnRlc3RuZXQ6MGEzNWQ1NTktMDBmZi00MWI2LTgxYWQtZjY0ZmFhNTIyNzcxP3Jlc291cmNlTmFtZT1BY2NyZWRpdGF0aW9uVG9BdHRlc3QmcmVzb3VyY2VUeXBlPVZlcmlmaWFibGVBY2NyZWRpdGF0aW9uVG9BdHRlc3QiLCJyb290QXV0aG9yaXNhdGlvbiI6ImRpZDpjaGVxZDp0ZXN0bmV0OmM2NjMwZjFlLTkyNDgtNGFmNi1iN2FjLTViY2FmNjQ2ZjIxMz9yZXNvdXJjZU5hbWU9T3JnYW5pc2F0aW9uQXV0aG9yaXNhdGlvbkZvckFJQWdlbnRzJnJlc291cmNlVHlwZT1WZXJpZmlhYmxlQXV0aG9yaXNhdGlvbkZvclRydXN0Q2hhaW4ifSwiY3JlZGVudGlhbFNjaGVtYSI6Imh0dHBzOi8vcmVzb2x2ZXIuY2hlcWQubmV0LzEuMC9pZGVudGlmaWVycy9kaWQ6Y2hlcWQ6dGVzdG5ldDpjNjYzMGYxZS05MjQ4LTRhZjYtYjdhYy01YmNhZjY0NmYyMTM_cmVzb3VyY2VOYW1lPUFJQWdlbnRBdXRob3Jpc2F0aW9uJnJlc291cmNlVHlwZT1KU09OU2NoZW1hVmFsaWRhdG9yMjAyMCJ9LCJzdWIiOiJkaWQ6Y2hlcWQ6dGVzdG5ldDphN2U4YmY3Yy05ZDk3LTRiMWUtYTdiYi00M2E2NzU0YWFmYmYiLCJuYmYiOjE3NDM3MzQ2MzIsImlzcyI6ImRpZDpjaGVxZDp0ZXN0bmV0OjBhMzVkNTU5LTAwZmYtNDFiNi04MWFkLWY2NGZhYTUyMjc3MSJ9.z9xTp5dSMACTLhrAsO-RBjcmaJJvWHqD6_78FTjaOkBroAMS0f8NlvpIrC7CGojkzCv_T8M_VBexzXU9I8JKAg"
  }
}

The Issuer should use this tutorial to publish the credential as a DID-Linked Resource to their own DID.

You can follow the tutorial here to publish your issued credential as a DID-Linked Resource. Generally we suggest the resourceType of VerifiableAttestation for credentials issued to AI Agents.

Create DID-Linked Resource

Link resources such as schemas to your DID, publishing as a DID-Linked Resource.

This will store the schemas securely on the cheqd Network, where they can be fetched using DID URLs.

Now your AI Agent will have everything it needs to present its credential and prove that it is trustworthy, using our trust registry validator in the next tutorial!

Last updated 11 days ago

Was this helpful?