search
cheqd StudioSupport / Bug Reports
githubEdit

Issue a Verifiable Credential

Issue a Verifiable AnonCreds Credential, signed by a did:cheqd Decentralized Identifier (DID), using the ACA-Py API endpoints.

Using the /issue-credential-2.0 API endpoints, it is possible to issue Verifiable Credentials, signed by a cheqd DID, in a few clicks or lines of code. By following the following steps, you can effectively issue verifiable credentials using ACA-Py integrated with the cheqd ecosystem.

hashtag
Step 1: Create a Connection with Holder

Use any supported method to create a connection with the Holder of the credential. Automated out-of-band protocolarrow-up-right is recommended.

hashtag
1a: Issuer Creates Connection Invite

The Issuer agent will create a new connection invite for the Holder. This is needed to securely communicate between the Issuer and the Holder agents.

hashtag
Create a new connection invitation

post
Query parameters
auto_acceptbooleanOptional

Auto-accept connection (defaults to configuration)

create_unique_didbooleanOptional

Create unique DID for this invitation (default false)

multi_usebooleanOptional

Create invitation for multiple use (default false)

Body
acceptstring[]Optional

List of mime type in order of preference that should be use in responding to the message

Example: ["didcomm/aip1","didcomm/aip2;env=rfc19"]
aliasstringOptional

Alias for connection

Example: Barry
goalstringOptional

A self-attested string that the receiver may want to display to the user about the context-specific goal of the out-of-band message

Example: To issue a Faber College Graduate credential
goal_codestringOptional

A self-attested code the receiver may want to display to the user or use in automatically deciding what to do with the out-of-band message

Example: issue-vc
handshake_protocolsstring[]Optional

Handshake protocol to specify in invitation

mediation_idstringOptional

Identifier for active mediation record to be used

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6Pattern: [a-fA-F0-9]{8}-[a-fA-F0-9]{4}-4[a-fA-F0-9]{3}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}
metadataobjectOptional

Optional metadata to attach to the connection created with the invitation

my_labelstringOptional

Label for connection invitation

Example: Invitation to Barry
protocol_versionstringOptional

OOB protocol version

Example: 1.1
use_didstringOptional

DID to use in invitation

Example: did:example:123
use_did_methodstring · enumOptional

DID method to use in invitation

Example: did:peer:2Possible values:
use_public_didbooleanOptional

Whether to use public DID in invitation

Responses
chevron-right
200Success
application/json
created_atstringOptional

Time of record creation

Example: 2021-12-31T23:59:59ZPattern: ^\d{4}-\d\d-\d\d[T ]\d\d:\d\d(?:\:(?:\d\d(?:\.\d{1,6})?))?(?:[+-]\d\d:?\d\d|Z|)$
invi_msg_idstringOptional

Invitation message identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
invitation_idstringOptional

Invitation record identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
invitation_urlstringOptional

Invitation message URL

Example: https://example.com/endpoint?c_i=eyJAdHlwZSI6ICIuLi4iLCAiLi4uIjogIi4uLiJ9XX0=
oob_idstringOptional

Out of band record identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
statestringOptional

Out of band message exchange state

Example: await_response
tracebooleanOptional

Record trace information, based on agent configuration

updated_atstringOptional

Time of last record update

Example: 2021-12-31T23:59:59ZPattern: ^\d{4}-\d\d-\d\d[T ]\d\d:\d\d(?:\:(?:\d\d(?:\.\d{1,6})?))?(?:[+-]\d\d:?\d\d|Z|)$
post
/out-of-band/create-invitation
200Success

hashtag
Parameters and Request Body

For automated acceptance, pass the following parameters:

chevron-rightauto_accepthashtag

Set this to true

A simple request body is below:

hashtag
1b: Holder receives invitation

The above request will have an invitation in the response. Holder will have to copy that invitation and pass in the body of the following API call.

hashtag
Receive a new connection invitation

post
Query parameters
aliasstringOptional

Alias for connection

Example: {"value":"Barry"}
auto_acceptbooleanOptional

Auto-accept connection (defaults to configuration)

mediation_idstringOptional

Identifier for active mediation record to be used

Example: {"value":"3fa85f64-5717-4562-b3fc-2c963f66afa6"}Pattern: [a-fA-F0-9]{8}-[a-fA-F0-9]{4}-4[a-fA-F0-9]{3}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}
use_existing_connectionbooleanOptional

Use an existing connection, if possible

Body
@idstringOptional

Message identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
@typestringOptional

Message type

Example: https://didcomm.org/my-family/1.0/my-message-type
acceptstring[]Optional

List of mime type in order of preference

Example: ["didcomm/aip1","didcomm/aip2;env=rfc19"]
goalstringOptional

A self-attested string that the receiver may want to display to the user about the context-specific goal of the out-of-band message

Example: To issue a Faber College Graduate credential
goal_codestringOptional

A self-attested code the receiver may want to display to the user or use in automatically deciding what to do with the out-of-band message

Example: issue-vc
handshake_protocolsstring[]Optional

Handshake protocol

imageUrlstring · urlOptional

Optional image URL for out-of-band invitation

Example: http://192.168.56.101/img/logo.jpg
labelstringOptional

Optional label

Example: Bob
Responses
chevron-right
200Success
application/json
attach_thread_idstringOptional

Connection record identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
connection_idstringOptional

Connection record identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
created_atstringOptional

Time of record creation

Example: 2021-12-31T23:59:59ZPattern: ^\d{4}-\d\d-\d\d[T ]\d\d:\d\d(?:\:(?:\d\d(?:\.\d{1,6})?))?(?:[+-]\d\d:?\d\d|Z|)$
invi_msg_idstringRequired

Invitation message identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
multi_usebooleanOptional

Allow for multiple uses of the oob invitation

Example: true
oob_idstringRequired

Oob record identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
our_recipient_keystringOptional

Recipient key used for oob invitation

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
rolestring · enumOptional

OOB Role

Example: receiverPossible values:
statestring · enumRequired

Out of band message exchange state

Example: await-responsePossible values:
tracebooleanOptional

Record trace information, based on agent configuration

updated_atstringOptional

Time of last record update

Example: 2021-12-31T23:59:59ZPattern: ^\d{4}-\d\d-\d\d[T ]\d\d:\d\d(?:\:(?:\d\d(?:\.\d{1,6})?))?(?:[+-]\d\d:?\d\d|Z|)$
post
/out-of-band/receive-invitation
200Success

hashtag
Parameters and Request Body

chevron-rightauto_accepthashtag

Set this to true

chevron-rightaliashashtag

Pass an alias for the connection

chevron-rightuse_existing_connectionhashtag

Set this to true

The request body should be the invitation value from the /create-invitation call by the Issuer.

hashtag
Step 2: Prepare Credential Offer

Generate a credential offer using the /issue-credential-2.0/send-offer API. This offer is sent to the holder, informing them about the available credential and its attributes.

hashtag
Send holder a credential offer, independent of any proposal

post
Body
auto_issuebooleanOptional

Whether to respond automatically to credential requests, creating and issuing requested credentials

auto_removebooleanOptional

Whether to remove the credential exchange record on completion (overrides --preserve-exchange-records configuration setting)

commentstringOptional

Human-readable comment

connection_idstringRequired

Connection identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
replacement_idstringOptional

Optional identifier used to manage credential replacement

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
tracebooleanOptional

Record trace information, based on agent configuration

Responses
chevron-right
200Success
application/json
auto_issuebooleanOptional

Issuer choice to issue to request in this credential exchange

auto_offerbooleanOptional

Holder choice to accept offer in this credential exchange

auto_removebooleanOptional

Issuer choice to remove this credential exchange record when complete

connection_idstringOptional

Connection identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
created_atstringOptional

Time of record creation

Example: 2021-12-31T23:59:59ZPattern: ^\d{4}-\d\d-\d\d[T ]\d\d:\d\d(?:\:(?:\d\d(?:\.\d{1,6})?))?(?:[+-]\d\d:?\d\d|Z|)$
cred_ex_idstringOptional

Credential exchange identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
error_msgstringOptional

Error message

Example: The front fell off
initiatorstring · enumOptional

Issue-credential exchange initiator: self or external

Example: selfPossible values:
parent_thread_idstringOptional

Parent thread identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
rolestring · enumOptional

Issue-credential exchange role: holder or issuer

Example: issuerPossible values:
statestring · enumOptional

Issue-credential exchange state

Example: donePossible values:
thread_idstringOptional

Thread identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
tracebooleanOptional

Record trace information, based on agent configuration

updated_atstringOptional

Time of last record update

Example: 2021-12-31T23:59:59ZPattern: ^\d{4}-\d\d-\d\d[T ]\d\d:\d\d(?:\:(?:\d\d(?:\.\d{1,6})?))?(?:[+-]\d\d:?\d\d|Z|)$
post
/issue-credential-2.0/send-offer
200Success

hashtag
Step 3: Holder accepts credential offer

The Holder has to retrieve the credential exchange id, and call this API to accept the offer.

hashtag
Send issuer a credential request

post
Path parameters
cred_ex_idstringRequired

Credential exchange identifier

Example: {"value":"3fa85f64-5717-4562-b3fc-2c963f66afa6"}Pattern: [a-fA-F0-9]{8}-[a-fA-F0-9]{4}-4[a-fA-F0-9]{3}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}
Body
auto_removebooleanOptional

Whether to remove the credential exchange record on completion (overrides --preserve-exchange-records configuration setting)

holder_didstringOptional

Holder DID to substitute for the credentialSubject.id

Example: did:key:ahsdkjahsdkjhaskjdhakjshdkajhsdkjahs
Responses
chevron-right
200Success
application/json
auto_issuebooleanOptional

Issuer choice to issue to request in this credential exchange

auto_offerbooleanOptional

Holder choice to accept offer in this credential exchange

auto_removebooleanOptional

Issuer choice to remove this credential exchange record when complete

connection_idstringOptional

Connection identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
created_atstringOptional

Time of record creation

Example: 2021-12-31T23:59:59ZPattern: ^\d{4}-\d\d-\d\d[T ]\d\d:\d\d(?:\:(?:\d\d(?:\.\d{1,6})?))?(?:[+-]\d\d:?\d\d|Z|)$
cred_ex_idstringOptional

Credential exchange identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
error_msgstringOptional

Error message

Example: The front fell off
initiatorstring · enumOptional

Issue-credential exchange initiator: self or external

Example: selfPossible values:
parent_thread_idstringOptional

Parent thread identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
rolestring · enumOptional

Issue-credential exchange role: holder or issuer

Example: issuerPossible values:
statestring · enumOptional

Issue-credential exchange state

Example: donePossible values:
thread_idstringOptional

Thread identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
tracebooleanOptional

Record trace information, based on agent configuration

updated_atstringOptional

Time of last record update

Example: 2021-12-31T23:59:59ZPattern: ^\d{4}-\d\d-\d\d[T ]\d\d:\d\d(?:\:(?:\d\d(?:\.\d{1,6})?))?(?:[+-]\d\d:?\d\d|Z|)$
post
/issue-credential-2.0/records/{cred_ex_id}/send-request
200Success

hashtag
Step 4: Issue Credential

Once the credential request is received and validated, issue the credential using the /issue-credential-2.0/records/<exchange-id>/issue API endpoint.

hashtag
Send holder a credential

post
Path parameters
cred_ex_idstringRequired

Credential exchange identifier

Example: {"value":"3fa85f64-5717-4562-b3fc-2c963f66afa6"}Pattern: [a-fA-F0-9]{8}-[a-fA-F0-9]{4}-4[a-fA-F0-9]{3}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}
Body
commentstringOptional

Human-readable comment

Responses
chevron-right
200Success
application/json
post
/issue-credential-2.0/records/{cred_ex_id}/issue
200Success

hashtag
Step 5: Holder stores Credential

The Holder has to store the issued credential into their wallet using the following API.

hashtag
Store a received credential

post
Path parameters
cred_ex_idstringRequired

Credential exchange identifier

Example: {"value":"3fa85f64-5717-4562-b3fc-2c963f66afa6"}Pattern: [a-fA-F0-9]{8}-[a-fA-F0-9]{4}-4[a-fA-F0-9]{3}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}
Body
credential_idstringOptional
Responses
chevron-right
200Success
application/json
post
/issue-credential-2.0/records/{cred_ex_id}/store
200Success

Last updated

Was this helpful?