Credential issuance
Credential issuance is the process of creating and distributing digital credentials to holders. In this process issuers gather data they have about a certain person, entity or object (this data is often referred to as claims), format it as a digital credential and cryptographically sign it with a digital signature. This provides high assurance authenticity and data integrity to the information.
Once the credential is signed, the issuer delivers it to the intended holder. Verifiers can then confirm the content of the credential is attested by the issuer and has not been tampered with. This is performed without contacting the issuer again, which simplifies and decentralises the verification workflow.
There are different flavours and patterns that you can use to implement credential issuance. MATTR VII supports two methods for issuing credentials:
- Direct issuance: In this method you make a direct API request to sign a provided payload as a digital credential, and then share it with its intended holder.
- OpenID4VCI: This workflow is used to issue credentials based on the OpenID for Verifiable Credentials Issuance (OpenID4VCI) specification.