Revoke a Verifiable Credential

Revoke an AnonCreds Verifiable Credential, signed by a did:cheqd Decentralized Identifier (DID), using ACA-Py.

Revoking credentials is crucial for maintaining control over issued credentials and preventing misuse in the cheqd ecosystem. To revoke credentials within the ACA-Py framework, follow these steps:

Step 1: Issuer identifies Credential to be revoked

The Issuer must determine the credential that needs to be revoked by getting the list of issued credentials and the connection id.

Step 2: Revoke Credential

Initiate the credential revocation process by supplying the necessary credential identifiers like the connection id and the credential exchange id.

Revoke an issued credential

post

Body

commentstringOptional

Optional comment to include in revocation notification

connection_idstringOptional

Connection ID to which the revocation notification will be sent; required if notify is true

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6Pattern: [a-fA-F0-9]{8}-[a-fA-F0-9]{4}-4[a-fA-F0-9]{3}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}

cred_ex_idstringOptional

Credential exchange identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6Pattern: [a-fA-F0-9]{8}-[a-fA-F0-9]{4}-4[a-fA-F0-9]{3}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}

cred_rev_idstringOptional

Credential revocation identifier

Example: 12345Pattern: ^[1-9][0-9]*$

notifybooleanOptional

Send a notification to the credential recipient

notify_versionstring · enumOptional

Specify which version of the revocation notification should be sent

Possible values:

publishbooleanOptional

(True) publish revocation to ledger immediately, or (default, False) mark it pending

rev_reg_idstringOptional

Revocation registry identifier

Example: did:(method):4:did:<method>:3:CL:20:tag:CL_ACCUM:0Pattern: ^(.+$)

thread_idstringOptional

Thread ID of the credential exchange message thread resulting in the credential now being revoked; required if notify is true

Responses

200Success

application/json

Responseobject

post

POST /anoncreds/revocation/revoke HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 285

{
  "comment": "text",
  "connection_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "cred_ex_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "cred_rev_id": "12345",
  "notify": true,
  "notify_version": "v1_0",
  "publish": true,
  "rev_reg_id": "did:(method):4:did:<method>:3:CL:20:tag:CL_ACCUM:0",
  "thread_id": "text"
}

200Success

{}

Sample Request Body

{
    "comment": "Revoke issued credential",
    "connection_id": "<issuer--to-holder-conn-id>",
    "cred_ex_id": "<issuer-cred-exchange-id>",
    "notify": true,
    "publish": true
}

Step 3: Verify Revocation

Follow the steps to Present a Verifiable Credential to verify that the credential has been successfully revoked. The response should have verified: false.

Last updated 7 months ago

Was this helpful?

Step 2: Revoke Credential

Initiate the credential revocation process by supplying the necessary credential identifiers like the connection id and the credential exchange id.

Revoke an issued credential

post

Body

commentstringOptional

Optional comment to include in revocation notification

connection_idstringOptional

Connection ID to which the revocation notification will be sent; required if notify is true

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6Pattern: [a-fA-F0-9]{8}-[a-fA-F0-9]{4}-4[a-fA-F0-9]{3}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}

cred_ex_idstringOptional

Credential exchange identifier

Example: 3fa85f64-5717-4562-b3fc-2c963f66afa6Pattern: [a-fA-F0-9]{8}-[a-fA-F0-9]{4}-4[a-fA-F0-9]{3}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}

cred_rev_idstringOptional

Credential revocation identifier

Example: 12345Pattern: ^[1-9][0-9]*$

notifybooleanOptional

Send a notification to the credential recipient

notify_versionstring · enumOptional

Specify which version of the revocation notification should be sent

Possible values:

publishbooleanOptional

(True) publish revocation to ledger immediately, or (default, False) mark it pending

rev_reg_idstringOptional

Revocation registry identifier

Example: did:(method):4:did:<method>:3:CL:20:tag:CL_ACCUM:0Pattern: ^(.+$)

thread_idstringOptional

Thread ID of the credential exchange message thread resulting in the credential now being revoked; required if notify is true

Responses

200Success

application/json

Responseobject

post

POST /anoncreds/revocation/revoke HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 285

{
  "comment": "text",
  "connection_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "cred_ex_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "cred_rev_id": "12345",
  "notify": true,
  "notify_version": "v1_0",
  "publish": true,
  "rev_reg_id": "did:(method):4:did:<method>:3:CL:20:tag:CL_ACCUM:0",
  "thread_id": "text"
}

200Success

{}

Sample Request Body

{
    "comment": "Revoke issued credential",
    "connection_id": "<issuer--to-holder-conn-id>",
    "cred_ex_id": "<issuer-cred-exchange-id>",
    "notify": true,
    "publish": true
}