Skip to Content

How to issue a CWT credential (Direct issuance)

CWT credentials represent claims of data that can be cryptographically proven as authentic while being compact enough to fit inside a QR code.

This guide will show you how to create and format a new CWT or Semantic CWT credential.

This guide can be used to create both CWT and Semantic CWT credentials. Any differences in the workflow are highlighted throughout the guide.

Prerequisites

  • DIDs:
    • Issuer DID: This is a did:web that identifies the issuer who attests the claims in the credential are accurate.
      • Refer to Create a did:web if you need assistance in creating one.
      • You can only sign a CWT credential using DIDs with a P-256 key type. MATTR VII creates did:webs with this key type (and others) by default.
  • Claim values: The claims you wish to include in the credential. This is the information attested by the issuer.
  • The identifier of the desired PDF, Apple digital pass or Google digital pass template.

Overview

Direct issuance of a CWT credential comprises the following steps:

  1. Sign the CWT credential.
  2. Format the signed CWT credential.
  3. Share the formatted credential.

Sign the CWT credential

The request to sign the credential is different when you’re signing a CWT or Semantic CWT Credential.

Format the signed CWT credential

Once the CWT credential is signed, you can render it in one of several formats before sharing it.

Share the formatted credential

Now that you have the credential rendered in the required format, you can share it with its intended holder.

Last updated on