Skip to Content
GuidesCredential revocation🎓 Tutorial

Revocation Tutorial

Introduction

In this tutorial we will explore the concept of credential revocation, a critical feature that allows issuers to invalidate previously issued credentials, ensuring the integrity and security of the system. The tutorial comprises the following steps:

  1. Issue a revocable credential.
  2. Obtain a credential revocation status.
  3. Revoke an issued credential.
  4. Attempt to verify a revoked credential.

Prerequisites

We recommend using the MATTR VII Postman collection in this tutorial. While this isn’t an explicit prerequisite, it can really speed things up.

Tutorial steps

Issue a revocable credential

The first thing you need to do is sign a new credential in a way that will enable you to revoke it later. This will differ slightly based on your selected credential format.

Obtain a credential revocation status

Now that the credential is issued, different relying parties might be interested in discovering its revocation status. In other words, they want to know whether or not the credential has been revoked by the issuer. MATTR VII supports two ways of achieving this:

  • Query a protected MATTR VII endpoint to get the revocation status.
  • Query public MATTR VII endpoints to get the revocation status.

Again, this process looks slightly different for different credential formats.

Revoking an issued credential

Next we will learn how to revoke issued credentials. The process is very similar for different credential formats but uses different MATTR VII endpoints

Attempting to verify a revoked credential

The last step will be attempting to verify the revoked credential. This step is also similar across different credential formats, using different endpoints.

Summary

In this tutorial you learned how to manage credential revocation, including:

  1. How to issue a revocable credential.
  2. How to check the revocation status of a credential as an Issuer and as a relying party.
  3. How to revoke a credential.

You can now use integrate these capabilities into your solution to support this important feature.

Additional resources

Last updated on
Credential revocationmDoc