Create a credential offer
The first step in the OpenID4VCI issuance workflow is to create a credential offer. The credential offer specifies the credential configurations that will be used to issue the credential, as well as additional request parameters to support the authentication workflow.
Prerequisites
Access to MATTR VII APIs. If you’re experiencing any difficulties, contact us.
The
id
identifier of a credential configuration, returned in the response when you created the credential configuration.
Request
Create a request of the following structure to create a new credential offer:
1POST https://YOUR_TENANT_URL/v1/openid/offers
1{
2 "credentials": [
3 "20d6bbe6-a978-447c-b5bd-f33b6dca19e2"
4 ],
5 "request_parameters": {
6 "login_hint": "user@example.com",
7 "prompt": "login"
8 }
9}
credentials
: This array includes a list of identifiers for credential configurations that will be included in the credential offer. These identifiers are theid
elements returned in the response when you create a credential configuration.To issue multiple credential profiles of the same credential in a single flow, include all the required credential configuration
id
elements in the request payload. For example, you could issue a Web, Compact and/or Mobile Credential using the same data in a single user journey.request_parameters
(optional): Specifies a list of additional request parameters that the wallet can include in the authentication request.
Response
1{
2 "uri": "openid-credential-offer://?credential_offer=%7B%22credential_issuer%22%3A%22https%3A%2F%2Ftenant.vii.mattr.global%22%2C%22credentials%22%3A%5B%2220d6bbe6-a978-447c-b5bd-f33b6dca19e2%22%5D%2C%22request_parameters%22%3A%7B%22login_hint%22%3A%22user%40example.com%22%2C%22prompt%22%3A%22login%22%7D%7D"
3}
The response includes an offer URl, which for Web and Compact Credentials can now be sent to a user's digital wallet via a message, a QR code or a deep link.
When a multi-format credential offer is created, the generated URI offer is used to issue all the credential profiles in a single workflow.
What's next?
You can now Send the credential offer to the intended holder.
Your configuration details are added to the publicly available openid-credential-issuer
resource so that issued credentials can be verified by external verifiers:
1https://YOUR_TENANT_URL/.well-known/openid-credential-issuer