Issue a verifiable credential

Issues a credential to a holder upon presentation of a valid access token, as per OpenID4VCI.

Supports encrypted and non-encrypted credential issuance.

Encrypted credential issuance is currently in technical preview and must be enabled on a per-tenant basis. If you would like to enable this feature for your tenant, please contact us.

For non-encrypted credential issuance the valid access token must be provided in the following header format:

Authorization: Bearer <access_token>.
Content-Type: application/json
Body: <credential request payload>

For encrypted credential issuance, contact us to configure how your MATTR VII enforces request and/or response encryption, and then:

For request encryption, Content-Type must be set to application/jwt and the payload must be JWE formatted.
For response encryption, include the credential_response_encryption property in the raw request payload to specify encryption details.

Analytics Events

OPENID_CREDENTIAL_STARTOPENID_CREDENTIAL_SUCCESSOPENID_CREDENTIAL_FAIL

POST/v1/openid/credential

Authorization

AuthorizationBearer <token>

In: header

Request Body

format*string

Credential format, always ldp_vc for JSON credentials.

Value in"ldp_vc"

credential_definition*

proof?

JSON object containing proof of possession of the key material the issued Credential shall be bound to.

credential_response_encryption?

JSON object containing details for encrypting the issued credential in the response.

Response Body

curl -X POST "https://example.vii.au01.mattr.global/v1/openid/credential" \
  -H "Content-Type: application/json" \
  -d '{
    "format": "ldp_vc",
    "credential_definition": {
      "type": [
        "VerifiableCredential",
        "AlumniCredential"
      ],
      "@context": [
        "https://www.w3.org/2018/credentials/v1"
      ]
    },
    "proof": {
      "proof_type": "jwt",
      "jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9..."
    }
  }'

curl -X POST "https://example.vii.au01.mattr.global/v1/openid/credential" \  -H "Content-Type: application/json" \  -d '{    "format": "ldp_vc",    "credential_definition": {      "type": [        "VerifiableCredential",        "AlumniCredential"      ],      "@context": [        "https://www.w3.org/2018/credentials/v1"      ]    },    "proof": {      "proof_type": "jwt",      "jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9..."    }  }'

{
  "credential": {
    "@context": [
      "https://www.w3.org/2018/credentials/v1"
    ],
    "id": "http://example.edu/credentials/3732",
    "type": [
      "VerifiableCredential",
      "AlumniCredential"
    ],
    "issuer": "https://example.edu/issuers/14",
    "issuanceDate": "2020-03-10T04:24:12.164Z",
    "credentialSubject": {
      "id": "did:example:123",
      "alumniOf": "Example University"
    },
    "proof": {
      "type": "RsaSignature2018",
      "created": "2020-03-10T04:24:12Z",
      "proofPurpose": "assertionMethod",
      "verificationMethod": "https://example.edu/issuers/keys/1",
      "jws": "EXAMPLE_JWS_TOKEN_eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9aH0..."
    }
  },
  "format": "ldp_vc"
}

Issue a verifiable credential

Analytics Events

Authorization

Request Body

Response Body

200

Response to issue a JSON credential

Response to issue a Semantic CWT credential

Response to issue a CWT credential

Response to issue an mDocs credential