light-mode-image
Learn
API ReferenceCredential offers

Create a Pre-Authorized Code credential offer

Roles

adminissuermanaged-issuer

Analytics Events

OPENID_PRE_AUTHORIZED_OFFER_CREATE_STARTOPENID_PRE_AUTHORIZED_OFFER_CREATE_SUCCESSOPENID_PRE_AUTHORIZED_OFFER_CREATE_FAIL
POST/v1/openid/offers/pre-authorized

Generate a new OID4VCI Pre-Authorized Code credential offer.

This offer can only be used once. Once the offer is successfully claimed and the credential is issued, the pre-authorized code is consumed and the offer becomes invalid. The offer cannot be claimed again, even if the same user attempts to claim it. This is a security measure to prevent unauthorized credential duplication. If you need to issue another credential to the same user, you must generate a new credential offer.

The total size of the request cannot exceed 500KB, including any claims. This is mostly relevant when including large claims such as images. When holders present credentials over Bluetooth Low Energy (BLE), keep payloads as small as practical, as large claims can degrade the transfer experience. Reserve larger payloads for remote presentation flows.

Analytic events

  • OPENID_PRE_AUTHORIZED_OFFER_CREATE_START
  • OPENID_PRE_AUTHORIZED_OFFER_CREATE_SUCCESS
  • OPENID_PRE_AUTHORIZED_OFFER_CREATE_FAIL

Authorization

bearerAuthOpenIdCredentials
AuthorizationBearer <token>

In: header

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

curl -X POST "https://example.vii.au01.mattr.global/v1/openid/offers/pre-authorized" \  -H "Content-Type: application/json" \  -d '{    "credentials": [      "707e920a-f342-443b-ae24-6946b7b5033e"    ]  }'
{
  "id": "string",
  "userId": "string",
  "uri": "openid-credential-offer://?credential_offer=%7B%22credential_issuer%22%3A%22https%3A%2F%2Fexample.com%22%2C%22credentials%22%3A%5B%222edaf985-fcc2-4448-9c8e-a04c6c7351c2%22%5D%2C%22credential_configuration_ids%22%3A%5B%222edaf985-fcc2-4448-9c8e-a04c6c7351c2%22%5D%2C%22grants%22%3A%7B%22urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Apre-authorized_code%22%3A%7B%22pre-authorized_code%22%3A%22stukD6lg9c9tQ3jUCa32wVi1HI%2BQIVsFK%2FQPvC2CHRs%3D%22%2C%22tx_code%22%3A%7B%22length%22%3A6%2C%22input_mode%22%3A%22numeric%22%2C%22description%22%3A%22Please%20provide%20the%20one-time%20code%20that%20was%20sent%20via%20e-mail%22%7D%7D%7D%7D",
  "expiresAt": "2025-05-01T00:01:00.000Z",
  "transactionCode": 493536
}

How would you rate this page?

Create an Authorization Code credential offer POST

Returns an OID4VCI credential offer URI. See [https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#section-10.1](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#section-10.1) This offer can be used more than once, and can be shared with multiple users. Each user will authenticate independently during the credential issuance workflow, allowing the same offer URI to issue credentials with different user-specific data to multiple holders. ### **Analytic events** * OPENID_OFFER_CREATE_START * OPENID_OFFER_CREATE_SUCCESS * OPENID_OFFER_CREATE_FAIL

Delete a Pre-authorized Code credential offer DELETE

Delete an [OID4VCI Pre-authorized Code](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#section-4.1) credential offer. ### **Analytic events** * OPENID_PRE_AUTHORIZED_OFFER_DELETE_START * OPENID_PRE_AUTHORIZED_OFFER_DELETE_SUCCESS * OPENID_PRE_AUTHORIZED_OFFER_DELETE_FAIL