Issue a Credential to an AI Agent using cheqd's APIs.
Once you have created your Trust Registry for the accreditation and authorisation of the organisations in your ecosystem, you can issue a credential to your AI Agent.
Step 1: Create DID for AI Agent
Each AI Agent must have its own DID to securely receive and manage credentials and accreditations. This identification allows the AI Agent to cryptographically control these credentials and accreditations.
As described in the previous tutorial, you should have already designed and published schemas for your AI Agent ecosystem.
You must decide which schema to use for the credential you are issuing to the AI Agent. You should make sure that you, as an issuer, are accreditedToAttest for the specific credential schema you want to use.
Step 3: Compile Credential Request
To ensure the AI Agent's credentials are demonstrably verifiable to a root of trust, certain steps are essential in the credential issuance process.
The table below breaks down what components are required and why they are needed:
Field
Required?
Description
issuerDid
Yes
The Issuer DID issuing the credential to the AI Agent
subjectDid
Yes
The DID of the AI Agent
attributes
Yes
The specific permissions, scopes or attributes you want to issue to the AI Agent
type
Yes
The type of credential. This should match the types the issuer is accredited to issue,
format
No
Defaults to VC JWT
credentialSchema
Yes
The credential schema matching the attributes of the credential
termsOfUse
Yes
Pointers to the accreditations of the issuer
type
Yes
Must be attestationPolicy
parentAccreditation
Yes
Must point to the accreditation of the Issuer, matching the credential type and schema
rootAuthorisation
Yes
Must point to the root authorisation that has accredited DIDs higher in the trust chain.
Step 4: Issue Verifiable Credential to AI Agent
Issue the compiled credential using the cheqd studio API enpoint below:
(Optional) Step 5: Publish Credential Response as a DID-Linked Resource
The Issuer, after issuing the credential to the AI Agent, may publish the response (the fully formatted verifiable credential) as a DID-Linked Resource.
The response format should look like the following example, including a proof (signed by the issuer).
You can follow the tutorial below to publish your issued credential as a DID-Linked Resource. Generally we suggest the resourceType of VerifiableAttestation for credentials issued to AI Agents.
This will store the schemas securely on the cheqd Network, where they can be fetched using DID URLs.
Step 5: Provision Verifiable Credential into AI Agent using MCP server
To complete the setup of your AI Agent trust registry and its associated credential, the final step is to provision this credential directly into the AI Agent's wallet using our MCP Server. Follow the tutorial below to finalize your setup!
This endpoint issues a Verifiable Credential. As input it takes the list of issuerDid, subjectDid, attributes, and other parameters of the credential to be issued.
Authorizations
Body
Input fields for the creating a Verifiable Credential.
issuerDidstringRequired
DID of the Verifiable Credential issuer. This needs to be a did:cheqd DID.
RefreshService property MUST be one or more refresh services that provides enough information to the recipient's software such that the recipient can refresh the verifiable credential.
Evidence property MUST be one or more evidence schemes providing enough information for a verifier to determine whether the evidence gathered by the issuer meets its confidence requirements for relying on the credential.