Learn

Setup a Compact Credential Configuration

The following example shows a request to create a new Compact Credential configuration:

Request

http
Copy to clipboard.
1POST https://YOUR_TENANT_URL/v2/credentials/compact/configurations
json
Copy to clipboard.
1{
2    "type": "CourseCredential",
3    "claimMappings": {
4        "email": {
5            "mapFrom": "claims.email"
6        },
7        "firstName": {
8            "mapFrom": "claims.given_name"
9        },
10        "lastName": {
11            "mapFrom": "claims.lastName"
12        },
13        "addressRegion": {
14            "mapFrom": "claims.addressRegion",
15            "required": true,
16            "defaultValue": "Kakapo"
17        },
18        "providerUrl": {
19            "mapFrom": "authenticationProvider.url",
20            "required": true
21        },
22        "providersubjectId": {
23            "mapFrom": "authenticationProvider.subjectId",
24            "required": true
25        }
26    },
27    "revocable": true,
28    "expiresIn": {
29        "years": 1,
30        "months": 1,
31        "weeks": 1,
32        "days": 1,
33        "hours": 1,
34        "minutes": 1,
35        "seconds": 1
36    }
37}

type defines the type of the Compact Credential. This value must be unique across all of your Compact Credential configurations.

claimMappings specifies which user attributes are included in an issued Compact Credential.

expiresIn is an optional object that defines how long after the issuance of a Compact Credential it expires. If no value is provided, the credential will never expire.

revocable is a boolean value which defines whether the credential can be revoked or not. The default value is true.

Response

json
Copy to clipboard.
1{
2    "id": "8fda86fc-781d-4401-80d7-eaa43efafad9",
3    "type": "CourseCredential",
4    "revocable": true,
5    "expiresIn": {
6        "years": 1,
7        "months": 1,
8        "weeks": 1,
9        "days": 1,
10        "hours": 1,
11        "minutes": 1,
12        "seconds": 1
13    },
14    "claimMappings": {
15        "email": {
16            "mapFrom": "claims.email"
17        },
18        "firstName": {
19            "mapFrom": "claims.given_name"
20        },
21        "lastName": {
22            "mapFrom": "claims.lastName"
23        },
24        "addressRegion": {
25            "mapFrom": "claims.addressRegion",
26            "required": true,
27            "defaultValue": "Kakapo"
28        },
29        "providerUrl": {
30            "mapFrom": "authenticationProvider.url",
31            "required": true
32        },
33        "providersubjectId": {
34            "mapFrom": "authenticationProvider.subjectId",
35            "required": true
36        }
37    }
38}

The successful response includes the new credential configuration with a unique id. This unique identifier is required for issuing a credential based on the created configuration, for updating the configuration or for deleting it.

To learn how to search and filter created credential configurations, refer to the API spec.

To learn about claim mappings, refer to the tutorial on setting up a credential configuration with OpenID Credential Provisioning.