Create a Compact Credential


  • Access to MATTR VII APIs. If you’re experiencing any difficulties, contact us.

  • Issuer DID: This is a did:web that identifies the issuer who attests the claims in the credential are accurate. Refer to create a did:web if you need assistance in creating one. You can only sign Compact Credentials using DIDs with a P-256 key type. Note that MATTR VII creates did:webs with this key type by default.

  • Claim values: The claims you wish to include in the credential. This is the information attested by the issuer. Compact Credentials include two types of claims, which are all included on the credential top level:

    • Standard claims: These must be in a specific structure and format for the credential to be valid. Refer to the example request below for more information.

    • Custom claims: These can be any claims the issuer wishes to add to the credential, as long their value is either a boolean, a string or a number.


Make the following request to create and sign a new Compact Credential:

Copy to clipboard.
1POST https://YOUR_TENANT_URL/v2/credentials/compact/sign
Copy to clipboard.
2    "payload": {
3        "iss": "",
4        "nbf": 1704099600,
5        "exp": 1767258000,
6        "name": "Emma Jane Tasma",
7        "type": "Course Credential",
8        "code": "HS.278",
9        "certificationName": "Working at Heights",
10        "certificationLevel": "Level 4",
11        "issuerName": "Advanced Safety Training",
12        "expiry": "2026-01-01"
13    },
14    "revocable": true
  • iss: Use the DID that identifies the credential's issuer, which attests the claims in the credential. This must be a publicly available and resolvable did:web for the credential to be valid and verifiable.

  • nbf: Not before. When set, credential verification will fail if the current time is earlier than the nbf value. Must be expressed as a Unix timestamp.

  • exp: Expiry. When set, credential verification will fail if the current time is later than the exp value. Must be expressed as a Unix timestamp.

  • name: Example for a custom claim.

  • type: Example for a custom claim.

  • code: Example for a custom claim.

  • certificationName: Example for a custom claim.

  • certificationLevel: Example for a custom claim.

  • issuerName: Example for a custom claim.

  • revocable: When set to true, the created credential can later be revoked. When set to false, the credential cannot be revoked.


Copy to clipboard.
2    "id": "bKcrxojFSuSZvI5qhKInxA",
3    "decoded": {
4        "iss": "",
5        "nbf": 1704099600,
6        "type": "Course Credential",
7        "exp": 1767258000,
8        "name": "Emma Jane Tasma",
9        "code": "HS.278",
10        "certificationName": "Working at Heights",
11        "certificationLevel": "Level 4",
12        "issuerName": "Advanced Safety Training",
13        "status": {
14            "index": 3,
15            "url": ""
16        },
17        "jti": "bKcrxojFSuSZvI5qhKInxA"
18    },
  • id: Unique credential identifier. This is required when revoking a credential.

  • decoded: This is the decoded version of the credential. It includes all the information from the request above, with the addition of the following elements:

    • status: If revocable was set to true in the request, this object is used to provide information required for revocation:

      • index: This indicates the index of this specific credential within the revocation list.

      • url: Every revocable credential will reference a Revocation List that is automatically created and held on the issuer's tenant. This list can be used by external verifiers to validate the credential status. The status.url property references the Revocation List which holds the revocation status for this specific credential.

    • jti: This JWT ID identifies this credential and is identical to the id element. When revocable is set to true, this value is persisted on the tenant to enable revoking this specific credential.

  • encoded: The base32 encoded string representation of the Compact Credential. CSC stands for COSE_SIGN Compact profile. You will use this element to convert the credential into a format that can be shared with a holder.

What's next?

Now that you have created the credential, you can format it as a QR code, a PDF document, an Apple digital pass or a Google digital pass.