light-mode-image
Learn

Deliver credential offers to holders

The credential offer is what starts the issuance flow for the holder. This page covers how offers reach your users and which wallet applications can claim them.

Deliver credential offers to holders

The credential offer is what starts the issuance flow for the holder. You need to decide how offers reach your users and which wallet applications can claim them.

Offer delivery methods

MethodBest forDescription
QR codeIn-person kiosks, printed materialsUser scans with their wallet app
Deep linkEmail, SMS, in-app notificationsClickable URL that opens the wallet
Silent pushExisting app sessionsCredential delivered without user initiation

Wallet targeting

You can control which wallet apps can claim your offers:

  • Open model: any OID4VCI-compatible wallet can claim using the standard openid-credential-offer:// scheme.
  • Private-use scheme: a custom URI scheme targets specific wallet applications.
  • Claimed HTTPS links: App Links (Android) or Universal Links (iOS) provide the strongest app-binding with domain verification.
  • Wallet attestation: requires wallets to cryptographically prove their authenticity before claiming credentials. This provides the strongest level of wallet trust by validating the wallet instance through a certificate-based trust chain, ensuring only authorized wallet applications can receive your credentials.

See claiming credential offers for detailed configuration guidance.

Next steps

Extend the basic workflow with optional components such as an authentication provider, claims source, or interaction hook.

How would you rate this page?

Last updated on

On this page