Learn

Create a policy

Ecosystem policies configure roles and permissions that apply to participants within the ecosystem. For example, participant X can act as an issuer and issue valid credentials of type X, Y and Z.

Ecosystems have separate policies for issuers and verifiers:

  • Issuers policy: Includes a list of valid issuers and what valid credentials they can issue. Note that if an issuer has isIssuerConstrained set to false, this policy will not limit the valid credentials they can issue.

  • Verifiers policy: Includes a list of valid verifies and what valid credentials they can verify. Note that if a verifier has isVerifierConstrained set to false, this policy will not limit the valid credentials they can verify.

It is important to note that participants are only considered valid after they are added to an issuer and/or verifier policy.

Ecosystem policies are openly available and can be accessed unauthenticated by design.

Create an Issuer Policy

Request

Make the following request to create a new issuer policy:

http
Copy to clipboard.
1POST https://YOUR_TENANT_URL/v1/ecosystems/{ecosystemId}/participants/{participantId}/issuer/credentials

  • ecosystemId: Policies must be created within a specific ecosystem. Use the ecosystem unique id returned when you created the ecosystem.

  • participantId: Policies are created for a specific participant. Use the participant unique id returned when you created the participant.

Response

Policies for large ecosystems are expected to be large. To maintain API performance, only the relevant information is returned in the response:

  • If the request simply adds an issuer to the policy, an empty response is returned.

  • If the request adds an issuer with credential types, these credential types are returned in the response.

When required, ecosystem operators can revoke an issuer from the policy so that it is no longer considered valid in the ecosystem.

Create a Verifier Policy

Request

Make the following request to create a new verifier policy:

http
Copy to clipboard.
1POST https://YOUR_TENANT_URL/v1/ecosystems/{ecosystemId}/participants/{participantId}/verifier/credentials

  • ecosystemId: Policies must be created within a specific ecosystem. Use the ecosystem unique id returned when you created the ecosystem.

  • participantId: Policies are created for a specific participant. Use the participant unique id returned when you created the participant.

Response

Policies for large ecosystems are expected to be large. To maintain API performance, only the relevant information is returned in the response:

  • If the request simply adds a verifier to the policy, an empty response is returned.

  • If the request adds an verifier with credential types, these credential types are returned.

When required, ecosystem operators can revoke a verifier from the policy so that it is no longer considered valid in the ecosystem.