Verida wallet
Download the Verida wallet to receive credentials issued by cheqd Studio to a did:vda address.
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Verify a Credential using cheqd Studio.
Once you have issued your credential and have a JWT as part of the credential proof, you can use the /credential/verify API to check that the JWT has not been tampered.
To verify a Credential, you can either pass the full Credential body or the JWT proof. These can be either obtained from a Credential that has been issued or from a Verifiable Presentation presented to the user.
The user is able to set verification parameters to filter whether they want to verify certain aspects of a Credential, including:
Simply paste the JWT or the full credential body into the request field of the /credential/verify API, and the API will give you a response including the following verification policies:
Whether the Credential has been tampered
Whether the Credential has a valid issuance date
Whether the Credential has expired
Whether the Credential Status is valid
Learn how to issue and manage Verifiable Credentials and Presentations.
Verifiable Credentials are a tamper-evident data format for asserting a set of claims about a subject. You can issue and verify Verifiable Credentials and Presentations without building complex integrations, using our simple cheqd Studio APIs.
Learn about Verifiable Credentials and Presentations
If you want to learn more about what Verifiable Credentials and Presentations are, please go over to our learning site here.
There are many different ways to issue verifiable credentials signed by DIDs anchored on cheqd, with options for easy integration (e.g. cheqd Studio) and more bespoke integrations (e.g. Credo and Veramo). Below are a list of options for issuing credentials with cheqd underneath:
You can use SaaS products from our partners to create best-in-class credential ecosystems, built on cheqd
Make sure you've set up your account with cheqd Studio, then you can start to:
cheqd supports all four major digital Credential types via its selection of SDKs and APIs. Below you can learn about these Credential formats:
Depending on what type of credentials you want to use, choose the SDK that suits your tech stack:
Setup your wallet to receive credentials.
cheqd Studio currently is setup to work with the Verida Wallet. In 2024, we will be building compatibility with a full suite of other digital identity wallets.
On the "Profile" tab, you will see your did:vda address under the section "DID".
For example: "did:vda:testnet:0xD7477C4a75143Af16A967381d09650A533Bd0DD7"
Credentials stored with the credential schema will automatically be rendered in the Verida Wallet as a credential. This custom display includes:
A scannable QR code
The profile icon of the Verida DID that issued / signed the credential
A tick of approval indicating the credential has been verified
Using cheqd's innovative DID-Linked Resource module, cheqd is able to support decentralized and scalable Verifiable Credential revocation and suspension. Using this API, the user is able to choose whether they would like to publish the revocation status to the cheqd ledger or elsewhere.
It is best practice for issuers to keep a record of the Credentials they have issued, including the "statusListIndex" of the Credentials. From this record system, issuers should be able to fetch either the full Credential Body or the JWT proof of the Credential they want to revoke.
When revoking a Credential, issuers can decide whether they want to publish an updated Status List on-ledger, with the revoked credential index updated in the bitstring. The parameter below can be changed to reflect this:
Paste the Credential Body or JWT into the API below and execute the API to revoke the Credential.
Users are also able to suspend Verifiable Credentials. The difference between revocation and suspension is that suspended Credentials may be unsuspended at a future date; whereas, revoked credentials are permanently revoked.
It is best practice for issuers to keep a record of the Credentials they have issued, including the "statusListIndex" of the Credentials. From this record system, issuers should be able to fetch either the full Credential Body or the JWT proof of the Credential they want to suspend.
When suspending a Credential, issuers can decide whether they want to publish an updated Status List on-ledger, with the suspended credential index updated in the bitstring. The parameter below can be changed to reflect this:
Paste the Credential Body or JWT into the API below and execute the API to suspend the Credential.
If a Credential has been suspended, and an Issuer wants to unsuspend the Credential to make it once again valid, the Issuer can reinstate a suspended Credential.
It is best practice for issuers to keep a record of the Credentials they have issued, including the "statusListIndex" of the Credentials. From this record system, issuers should be able to fetch either the full Credential Body or the JWT proof of the Credential they want to unsuspend.
When unsuspending or reinstating a Credential, issuers can decide whether they want to publish an updated Status List on-ledger, with the unsuspended credential index updated in the bitstring. The parameter below can be changed to reflect this:
Paste the Credential Body or JWT into the API below and execute the API to unsuspend the Credential.
Issue conformant W3C Verifiable Credentials over REST API
Using the /credential/create API, it is possible to issue Verifiable Credentials, signed by a cheqd DID, in a few clicks or lines of code.
Make sure you have set up your account with cheqd Studio and are logged in, using our guide below:
Before you can issue a Verifiable Credential, you need to create an Issuer DID which is used to sign the Credential payload. Use the API in the page below to create an Issuer DID:
Again, before you issue a Verifiable Credential, you need to know to whom you are issuing it. If you need to create a Subject DID, you can take a look at the page here:
Within the JSON object of the API request, you will need to input the issuer and subject information, as well as the attributes which you want to issue in the Credential. You may also want to add additional fields such as a credentialSchema.
Users have two options for compiling the Credential bodies and issuing Verifiable Credentials:
Filling out a simple form using the application/x-www-url-form-encoded option within an API client of your choice.
Compiling a Credential body yourself using the application/json option within an API client of your choice.
This is the easiest way to issue Credentials and is recommended for users who are not overly familiar with compiling JSON objects.
Using the application/x-www-url-form-encoded option, users are able to choose between the following variables and options to issue Verifiable Credentials:
Below are a set of examples of alternative input parameters for users to specify the bitstring index of the issued Credential. The bitstring index is where exactly the issued credential will map to within the Status List. This should be noted and stored by the issuer to keep a record of which issued credentials are active, revoked or suspended:
Ensure that the "statusPurpose" and "statusListName" is the same as the existing Status List on-ledger.
Instead of using simple form variables, you can issue a Verifiable Credential using a JSON payload with the application/json option.
Below is an example of the request format for issuing a Verifiable Credential using a custom JSON payload, including some of the possible parameters:
Execute the API below to issue a Verifiable Credential, signed by your issuer DID.
Below are a list of alternatives for using Credentials with cheqd support. Each offers a different set of protocols and underlying technical capabilities.
t
| Functionality | cheqd Studio | Credo (and Paradym) | Veramo | Walt.id |
|---|---|---|---|---|
This is the DID of the Credential issuer, created in . This needs to be a did:cheqd DID. For example:
This is the DID of the Credential subject, created in . This needs to be a did:key or did:vda DID. For example:
These are the claims or attributes attested to within the Verifiable Credential. This must be a JSON object, following the . For example:
This is an optional property that defines semantic information about the Credential, conforming to the . For example:
This is an optional property that defines information about the type of Verifiable Credential, conforming to the . For example:
This is an optional property that defines information about the expiration date of a Verifiable Credential, conforming to the . For example:
Note that this is the same for and for . For example:
JSON based JWT Verifiable Credential (spec)
✔️
✔️
✔️
✔️
JSON-LD Verifiable Credential (spec)
✔️
✔️
✔️
✔️
AnonCreds (spec)
❌
✔️
❌
❌
Selective Disclosure-JWT Credential (spec)
❌
✔️
⌛(roadmap)
✔️
Issue Credentials
Issue W3C conformant Verifiable Credentials easily over REST API.
Verify Credentials
Verify whether Credentials are valid, have been tampered or have expired.
Verify Presentation
Verify whether a combination of Credentials are valid, have been tampered or have expired.
SD-JWT
Selective Disclosure JWT (SD-JWT) is the most commonly adopted credential format for European Digital Identity Ecosystems, allowing users to selectively disclose which attributes they would like to share in a presentation.
AnonCreds
AnonCreds is a credential format maintained by the Hyperledger Foundation, with functionality for zero knowledge proofs (ZKPs) and selective disclosure.
JSON (JWT)
JSON Web Token (JWT) Credentials are a simple way to transmit Trusted Data as a JSON object.
JSON-LD
JSON-LD (Linked Data) Credentials are a richer data format, allowing applications to follow embedded links to other pieces of Linked Data across the web.
This endpoint verifies a Verifiable Credential passed to it. As input, it can take the VC-JWT as a string or the entire credential itself.
If set to true the verification will also check the status of the credential. Requires the VC to have a credentialStatus property.
When dealing with JSON-LD you also MUST provide the proper contexts. Set this to true ONLY if you want the @context URLs to be fetched in case they are a custom context.
If set to true allow to verify credential which based on deactivated DID.
Verifiable Credential to be verified as a VC-JWT string or a JSON object.
Custom verification policies to execute when verifying credential.
Policy to skip the issuanceDate (nbf) timestamp check when set to false.
Policy to skip the expirationDate (exp) timestamp check when set to false.
Policy to skip the audience check when set to false.
The request was successful.
Verify presentations on cheqd Studio.
A Verifiable Presentation is a collection of multiple Verifiable Credentials that are being presented by a holder to a verifier. In addition to checking whether the Credentials are untampered, Verifiable Presentation verification also checks that the holder subject DID is valid.
To verify a Credential, you can either pass the full VP-JWT string or a JSON object. These can be either obtained from a Verifiable Presentation presented to the user.
The user is able to set verification parameters to filter whether they want to verify certain aspects of a Presentation, including:
Use the API below to verify a Presentation
Credo
Credo is an SDK which supports the European Architecture and Reference Framework (ARF) standards as well as AnonCreds with full cheqd support for DIDs.
cheqd Studio
Our API product supports simple credential issuance in JSON and JSON-LD formats.
Veramo
The Veramo SDK Plugin supports JSON, JSON-LD credentials as well as cheqd Credential Payments in an SDK.
Walt.id Community Stack
Walt.id Community Stack is an SDK that supports the European Architecture and Reference Framework (ARF) standards for identity, with full cheqd support.
This endpoint revokes a given Verifiable Credential. As input, it can take the VC-JWT as a string or the entire credential itself. The StatusList2021 resource should already be setup in the VC and credentialStatus property present in the VC.
Set whether the StatusList2021 resource should be published to the ledger or not. If set to false, the StatusList2021 publisher should manually publish the resource.
Verifiable Credential to be revoked as a VC-JWT string or a JSON object.
The symmetric key used to encrypt the StatusList2021 DID-Linked Resource. Required if the StatusList2021 DID-Linked Resource is encrypted.
The request was successful.
trueThis endpoint suspends a given Verifiable Credential. As input, it can take the VC-JWT as a string or the entire credential itself.
Set whether the StatusList2021 resource should be published to the ledger or not. If set to false, the StatusList2021 publisher should manually publish the resource.
Verifiable Credential to be revoked as a VC-JWT string or a JSON object.
The symmetric key used to encrypt the StatusList2021 DID-Linked Resource. Required if the StatusList2021 DID-Linked Resource is encrypted.
The request was successful.
trueSet whether the StatusList2021 resource should be published to the ledger or not. If set to false, the StatusList2021 publisher should manually publish the resource.
Set whether the StatusList2021 resource should be published to the ledger or not. If set to false, the StatusList2021 publisher should manually publish the resource.
Verifiable Credential to be revoked as a VC-JWT string or a JSON object.
The symmetric key used to encrypt the StatusList2021 DID-Linked Resource. Required if the StatusList2021 DID-Linked Resource is encrypted.
The request was successful.
trueThis endpoint issues a Verifiable Credential. As input it takes the list of issuerDid, subjectDid, attributes, and other parameters of the credential to be issued.
DID of the Verifiable Credential issuer. This needs to be a did:cheqd DID.
"did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0"DID of the Verifiable Credential holder/subject. This needs to be a did:key DID.
"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"JSON object containing the attributes to be included in the credential.
Optional properties to be included in the @context property of the credential.
Optional properties to be included in the type property of the credential.
Optional expiration date according to the <a href=https://www.w3.org/TR/vc-data-model/#expiration> VC Data Model specification.
"2023-06-08T13:49:28.000Z"Format of the Verifiable Credential. Defaults to VC-JWT.
"jwt"Optional credentialStatus properties for VC revocation or suspension. Takes statusListName and statusListPurpose as inputs.
Terms of use can be utilized by an issuer or a holder to communicate the terms under which a verifiable credential was issued.
RefreshService property MUST be one or more refresh services that provides enough information to the recipient's software such that the recipient can refresh the verifiable credential.
Evidence property MUST be one or more evidence schemes providing enough information for a verifier to determine whether the evidence gathered by the issuer meets its confidence requirements for relying on the credential.
The request was successful.
"2023-06-08T13:49:28.000Z""did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0""did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK""https://resolver.cheqd.net/1.0/identifiers/did:cheqd:testnet:7c2b990c-3d05-4ebf-91af-f4f4d0091d2e?resourceName=cheqd-suspension-1&resourceType=StatusList2021Suspension#20"20"suspension""2023-06-08T13:49:28.000Z"This endpoint issues a Verifiable Credential. As input it takes the list of issuerDid, subjectDid, attributes, and other parameters of the credential to be issued.
DID of the Verifiable Credential issuer. This needs to be a did:cheqd DID.
"did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0"DID of the Verifiable Credential holder/subject. This needs to be a did:key DID.
"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"JSON object containing the attributes to be included in the credential.
Optional properties to be included in the @context property of the credential.
Optional properties to be included in the type property of the credential.
Optional expiration date according to the <a href=https://www.w3.org/TR/vc-data-model/#expiration> VC Data Model specification.
"2023-06-08T13:49:28.000Z"Format of the Verifiable Credential. Defaults to VC-JWT.
"jwt"Optional credentialStatus properties for VC revocation or suspension. Takes statusListName and statusListPurpose as inputs.
Terms of use can be utilized by an issuer or a holder to communicate the terms under which a verifiable credential was issued.
RefreshService property MUST be one or more refresh services that provides enough information to the recipient's software such that the recipient can refresh the verifiable credential.
Evidence property MUST be one or more evidence schemes providing enough information for a verifier to determine whether the evidence gathered by the issuer meets its confidence requirements for relying on the credential.
The request was successful.
"2023-06-08T13:49:28.000Z""did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0""did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK""https://resolver.cheqd.net/1.0/identifiers/did:cheqd:testnet:7c2b990c-3d05-4ebf-91af-f4f4d0091d2e?resourceName=cheqd-suspension-1&resourceType=StatusList2021Suspension#20"20"suspension""2023-06-08T13:49:28.000Z"Credo is an SDK which and regular Verifiable Credentials natively with cheqd support.
Walt.id SSI Kit is an SDK that supports the standards for identity, with full cheqd support.
This endpoint verifies the Verifiable Presentation generated from credential(s). As input, it can take the Verifiable Presentation JWT as a string or the entire Verifiable Presentation itself.
If set to true the verification will also check the status of the presentation. Requires the VP to have a credentialStatus property.
When dealing with JSON-LD you also MUST provide the proper contexts. * Set this to true ONLY if you want the @context URLs to be fetched in case they are a custom context.
If set to true allow to verify credential which based on deactivated DID.
Verifiable Presentation to be verified as a VP-JWT string or a JSON object.
Provide an optional verifier DID (also known as 'domain' parameter), if the verifier DID in the presentation is not managed in the wallet.
Automatically make fee payment (if required) based on payment conditions to unlock encrypted StatusList2021 DID-Linked Resource.
Custom verification policies to execute when verifying presentation.
Policy to skip the issuanceDate (nbf) timestamp check when set to false.
Policy to skip the expirationDate (exp) timestamp check when set to false.
Policy to skip the audience check when set to false.
The request was successful.
Verida wallet
Download the Verida wallet to receive credentials issued by cheqd Studio to a did:vda address.
