JSON credentials

Sign a JSON credential

Returns a signed JSON credential generated from a provided valid payload.

Analytic events

  • CREDENTIAL_WEB_SEMANTIC_SIGN_START
  • CREDENTIAL_WEB_SEMANTIC_SIGN_SUCCESS
  • CREDENTIAL_WEB_SEMANTIC_SIGN_FAIL
SecuritybearerAuth
Request
Request Body schema: application/json
required

JSON credential payload to sign

required
object
proofType
string

This is an optional field which defines the cryptographic algorithm used to sign the credential. The credential Issuer's DID must contain a key that supports the corresponding signing capability. If no proofType is provided, the credential will be signed using the key that is available in the Issuer's DID:

  • If a Bls12381G2 key is available, the credential will be signed with a BbsSignature2022 proof. Credentials signed with this proof type support selective disclosure.
  • If a Bls12381G2 key is unavailable but a Ed25519 key is available, the credential will be signed with a Ed25519Signature2018 proof. Credentials signed with this proof type do not support selective disclosure.
  • If none of the two suitable keys are available, the request will be rejected and the credential will not be created.
Enum: "Ed25519Signature2018" "BbsSignature2022"
tag
string [ 1 .. 1024 ] characters

Insert a case sensitive tag to reference this credential. The gets stored as part of the credential metadata and can be used to search for it in the credential registry.

persist
boolean
Default: false

When set to true, both the credential and the credential metadata are stored in the credential registry. When set to false, only the following metadata is stored in the credential registry:

  • id
  • tag
  • credentialStatus
  • issuanceDate

    Credentials by nature tend to hold Personally Identifying Information (PII). Before storing credential data, familiarize yourself with compliance to any PII restrictions that may apply to your use-case.

revocable
boolean
Default: false

When set to true, the created credential can later be revoked. When set to false, the credential cannot be revoked. When set to true, https://w3id.org/vc-revocation-list-2020/v1 is injected into the credential @context object when it is issued. This references the JSON-LD definition of the credentialStatus object.

includeId
boolean
Default: false

When set to true, the signed credential identifier is included in both the credential object and the credential metadata. When set to false it is only included in the credential metadata.

Responses
200

JSON Credential signed

400

Failed to sign JSON credential, invalid payload, etc

post/v2/credentials/web-semantic/sign
Request samples
application/json
{
  • "payload": {
    },
  • "proofType": "Ed25519Signature2018",
  • "tag": "identifier123",
  • "persist": false,
  • "revocable": false,
  • "includeId": true
}
Response samples
application/json
{}