Issue a Verifiable Credential
Last updated
Last updated
Lets assume you want to provide a user with a credential, e.g. to provide a login credential for a web service. In that example, the Web Service is the issuer and will create a login credential from a user's Name and Email Address with the help of the sideos API. The Web Service will then offer the credential to the SSI Wallet that stores the credential securely for the later use as a Login credential.
The steps are:
The web application (Web Service) calls the sideos API posting the dataset to the /v3/createoffervc
endpoint. The dataset contains the credential ID, the claims, and a callback url.
The sideos API responds with an credential offer provided as a JWT to the Web Service.
The Web Service presents the JWT to the SSI wallet. That can be done as a QR Code, via NFC, or via Bluetooth.
The SSI wallet validates the credential offer and asks the user to accept the credential offer. If the user accepts the SSI wallet calls the callback url by posting the JWT back to the Web Service.
The Web Service optionally checks the validity of the JWT with the sideos API calling the /v3/consumeoffer
endpoint.
The sideos API responds with the original JWT and an error code. The Web Service can now do the magic based on the credential acceptance status, e.g. by marking the status in some database or providing some conditional information on the web application.
The Web Service responds with the status 200 to the SSI wallet if the validation was successful.
Lets do this simple flow in an example below.
Your API requests are authenticated using an API key. Any request that doesn't include an API key will return an error.
You can generate an API key from your sideos administration console at any time. See Sign up & get started for information how to get started and retrieve an API key.
You need a credential type that includes the Name and Email Address of the user. See section Creating a Credential Type.
Now when you have your API Key and a credential ID for your defined credential template, you can call the sideos API to get a credential offer for issuing a credential.
To make your first request, send an authenticated request to the pets endpoint. This will create a credential offer
, which can be captured by the user and stored on the sideos wallet.
POST
https//juno.sideos.io/api/v3/createoffervc/
Creates a credential offer based on the credential containing the claim data provided in the request.
Content Type
application/json
X-Token*
<API Key>
templateid*
number
The id
of the credential type
dataset*
object
The data set for the credential offer
domain*
string
The callback URL
challenge*
string
An unique identifier for the user session.
Take a look at how you might call this method using Typescript code
, or via curl
:
You will receive a response containing a data object with a jwt field.
The string is a base64 encoded JWT. Check the jwt string with a JWT parser, e.g. https://jwt.io to see the content. The JWT can be read by the sideos wallet, e.g. as a QR Code and shown to the user like this:
The wallet asks the user to accept or decline the offer. If the user accepts the offer, the credential is stored on the phone and the callback URL from the domain
field in the credential offer is called to complete the credential acceptance.
The callback URL needs to respond with a 200 status in order to successfully store the credential. If an error code comes back the wallet shown an error screen and does not store the credential in the wallet.