Learn

Semantic CWT credentials configuration

Create a Semantic CWT credentials configuration

Creates a new Semantic CWT credentials configuration, a specific set of rules and parameters that are used to create and validate a particular type of verifiable credential. These rules and parameters define how the credential is structured and what data it contains when issued.

Analytic events

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_CREATE_START
  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_CREATE_SUCCESS
  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_CREATE_FAIL
SecuritybearerAuth
Request
Request Body schema: application/json
required

The Credential Configuration payload

type
required
string [ 1 .. 1024 ] characters

Used to differentiate between different CWT/Semantic CWT credentials configurations on your tenant. Thus, its value must:

  • Be unique across all CWT/Semantic CWT credentials configurations on your tenant.
  • Not be VerifiableCredential.
required
object

This is where you specify how to map claims (user attributes) into issued credentials. Each field in the object corresponds to a claim in the issued credential, and contains one or more from the following attributes:

  • mapFrom: References the path in the user object where the claim is available.
    • When using a URL as a claims namespace identifier, use bracket notation to access the claim value (e.g. mapFrom: "claims['https://example.com/claim-name']").
    • mapFrom is optional when defaultValue is provided, as the latter will be used for all issued credentials. This is referred to as a static claim.
  • defaultValue: Indicates what value is used if required is set to false (field is optional) and no value is provided by the claims source. When defaultValue is provided, mapFrom is optional.
  • required: Indicates whether the claim is required (default: false). When a required claim cannot be retrieved and no defaultValue is available, credential issuance will fail.

Example claims object inside the user object

{
  "claims": {
    "given_name": "Jamie",
    "family_name": "Doe",
    "address": {
      "formatted": "116-118 Quay Street, Auckland CBD, Auckland 1010"
    }
  },
  "authenticationProvider": {
    "subjectId": "6d3aab7d-73af-5f61-b47c-109ef6f7558c",
    "url": "https://accounts.google.com"
  }
}
revocable
boolean
Default: true

When set to true (default), the created credential can later be revoked. When set to false, the credential cannot be revoked.

claimSourceId
string <uuid>

References the unique identifier of a claims source that can be used to retrieve claims and include them in the issued credential.

object

Used to determine when will issued credentials expire. Can include any combination of years, months, weeks, days, hours, minutes and seconds.

Responses
201

Credential configuration created

400

Bad Request

post/v2/credentials/compact-semantic/configurations
Request samples
application/json
{
  • "type": "CourseCredential",
  • "claimMappings": {},
  • "revocable": true,
  • "claimSourceId": "78e1b90c-401d-45bb-89c0-938da4d44c60",
  • "expiresIn": {
    }
}
Response samples
application/json
{
  • "id": "983c0a86-204f-4431-9371-f5a22e506599",
  • "type": "CourseCredential",
  • "claimMappings": {},
  • "revocable": true,
  • "claimSourceId": "78e1b90c-401d-45bb-89c0-938da4d44c60",
  • "expiresIn": {
    }
}

Retrieve all Semantic CWT credentials configurations

Returns a list of all Comapct Semantic Credential configurations from your tenant.

Analytic events

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_RETRIEVE_LIST_START
  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_RETRIEVE_LIST_SUCCESS
  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_RETRIEVE_LIST_FAIL
SecuritybearerAuth
Request
query Parameters
limit
number [ 1 .. 1000 ]

Range size of returned entries, default 100

Example: limit=2
cursor
string

Starting point for the range of entries

Example: cursor=Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1h
type
string

The optional credential type to filter on

Example: type=AlumniCredential
Responses
200

Semantic CWT credentials configurations retrieved

400

Bad Request

get/v2/credentials/compact-semantic/configurations
Request samples 
Response samples 
application/json
{
  • "nextCursor": "Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1hNjZmZmVhNS04NDhlLTQzOWQtODBhNC1kZGE1NWY1M2UzNmM",
  • "data": [
    ]
}
Retrieve a Semantic CWT credentials configuration
Returns a Semantic CWT credentials configuration by providing its ID.


Analytic events


    

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_RETRIEVE_START
    • 

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_RETRIEVE_SUCCESS
    • 

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_RETRIEVE_FAIL
    • 



SecuritybearerAuth 
Request 
path Parameters
id
required
string <uuid> 
Unique identifier for the Semantic CWT credentials configuration.


 
 Example:  3948c40e-6e19-4ffc-933c-91f643f24264
Responses 
200
Semantic CWT credentials configuration retrieved


400
Bad Request


404
The Credential Configuration is not found


get/v2/credentials/compact-semantic/configurations/{id}
Request samples 
Response samples 
application/json
{
  • "id": "983c0a86-204f-4431-9371-f5a22e506599",
  • "type": "CourseCredential",
  • "claimMappings": {},
  • "revocable": true,
  • "claimSourceId": "78e1b90c-401d-45bb-89c0-938da4d44c60",
  • "expiresIn": {
    }
}
Update a Semantic CWT credentials configuration
Updates an existing Semantic CWT credentials configuration by providing its ID.


Analytic events


    

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_UPDATE_START
    • 

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_UPDATE_SUCCESS
    • 

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_UPDATE_FAIL
    • 



SecuritybearerAuth 
Request 
path Parameters
id
required
string <uuid> 
Unique identifier for the Semantic CWT credentials configuration.


 
 Example:  3948c40e-6e19-4ffc-933c-91f643f24264
Request Body schema: application/json
required
Update a Credential Configuration


type
required
string  [ 1 .. 1024 ] characters 
Used to differentiate between different CWT/Semantic CWT credentials configurations on your tenant. Thus, its value must:


    

  • Be unique across all CWT/Semantic CWT credentials configurations on your tenant.
    • 

  • Not be VerifiableCredential.
    • 



 
required
object
This is where you specify how to map claims (user attributes) into issued credentials. Each field in the object corresponds to a claim in the issued credential, and contains one or more from the following attributes:


    

  • mapFrom: References the path in the user object where the claim is available.
      

    • When using a URL as a claims namespace identifier, use bracket notation to access the claim value (e.g. mapFrom: "claims['https://example.com/claim-name']").
      • 

    • mapFrom is optional when defaultValue is provided, as the latter will be used for all issued credentials. This is referred to as a static claim.
      • 

    

    • 

  • defaultValue: Indicates what value is used if required is set to false (field is optional) and no value is provided by the claims source. When defaultValue is provided, mapFrom is optional.
    • 

  • required: Indicates whether the claim is required (default: false). When a required claim cannot be retrieved and no defaultValue is available, credential issuance will fail.
    • 



Example claims object inside the user object


{
  "claims": {
    "given_name": "Jamie",
    "family_name": "Doe",
    "address": {
      "formatted": "116-118 Quay Street, Auckland CBD, Auckland 1010"
    }
  },
  "authenticationProvider": {
    "subjectId": "6d3aab7d-73af-5f61-b47c-109ef6f7558c",
    "url": "https://accounts.google.com"
  }
}



 
revocable
boolean
 Default:  true
When set to true (default), the created credential can later be revoked. When set to false, the credential cannot be revoked.


 
claimSourceId
string <uuid> 
References the unique identifier of a claims source that can be used to retrieve claims and include them in the issued credential.


 
object
Used to determine when will issued credentials expire. Can include any combination of years, months, weeks, days, hours, minutes and seconds.


 
Responses 
200
Semantic CWT credentials configuration updated


400
Bad Request


404
The Credential Configuration is not found


put/v2/credentials/compact-semantic/configurations/{id}
Request samples 
application/json
{
  • "type": "CourseCredential",
  • "claimMappings": {},
  • "revocable": true,
  • "claimSourceId": "78e1b90c-401d-45bb-89c0-938da4d44c60",
  • "expiresIn": {
    }
}
Response samples 
application/json
{
  • "id": "983c0a86-204f-4431-9371-f5a22e506599",
  • "type": "CourseCredential",
  • "claimMappings": {},
  • "revocable": true,
  • "claimSourceId": "78e1b90c-401d-45bb-89c0-938da4d44c60",
  • "expiresIn": {
    }
}
Delete a Semantic CWT credentials configuration
Deletes an existing Semantic CWT credentials configuration by providing its ID.


Analytic events


    

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_DELETE_START
    • 

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_DELETE_SUCCESS
    • 

  • CREDENTIAL_COMPACT_SEMANTIC_CREDENTIAL_CONFIGURATION_DELETE_FAIL
    • 



SecuritybearerAuth 
Request 
path Parameters
id
required
string <uuid> 
Unique identifier for the Semantic CWT credentials configuration.


 
 Example:  3948c40e-6e19-4ffc-933c-91f643f24264
Responses 
204
Semantic CWT credentials configuration deleted


400
Bad Request


404
The Credential Configuration is not found


delete/v2/credentials/compact-semantic/configurations/{id}
Request samples 
Response samples 
application/json
{
  • "code": "BadRequest",
  • "message": "Validation Error",
  • "details": [
    ]
}
➔ Next to JSON credentials configuration