Agent > OID4VCI

Claim credential

post

Claim specific credential. User has to pass authorization token in header and data in request body. authorization header has to contain Bearer and token returned from previous token endpoint. In request body user has to pass types array with type of credential being claimed, format string with format of the credential, and proof object with proof_type string and jwt string. proof_type is a string that represents the type of the proof, which is in our case jwt. jwt is a string that represents the JWT token which is generated by wallet and acts as a proof of posession JWT. If successful, the server returns an object with credential, format, c_nonce and c_nonce_expires_in properties. credential is a string that represents the JWT token which contains all the details about the claimed credential. format is a string that represents the format of the credential. c_nonce is a string that represents c-nonce and c_nonce_expires_in is a number that represents the expiration time of the c-nonce in seconds.

If the API is NOT running in DEMO MODE, note that the resources must be creating using POST /private/credential-offers otherwise it will return errors

Path parameters

correlationIdstringRequired

Defines a organisation which is defined as a correlationId. Must be a value the Issuer is working with!

Example: teranode

Header parameters

AuthorizationstringOptional

Authorization retrieved from token endpoint

Body

formatstringRequired

The format of the credential we choose when issuing.

Example: jwt_vc_json

Responses

200Success

application/json

credentialstringRequired

JWT token which contains all the details about the claimed credential.

Example:

eyJhbGciOiJFUzI1NksiLCJ0eXAiOiJKV1QifQ.eyJleHAiOjE3MDg1Mjg4NjIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIl0sInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJDaGFyYWN0ZXJDcmVkZW50aWFsIl0sImNyZWRlbnRpYWxTdWJqZWN0Ijp7Im5hbWUiOiJZZWxsb3ciLCJiaW9ncmFwaHkiOiJZb3UmI3gyNztyZSBjaGVlcmZ1bCBhbmQgb3B0aW1pc3RpYywgYnJpbmdpbmcgam95IGFuZCBwb3NpdGl2aXR5IHdoZXJldmVyIHlvdSBnby4gWW91ciBzdW5ueSBkaXNwb3NpdGlvbiBhbmQgaW5mZWN0aW91cyBsYXVnaHRlciBicmlnaHRlbiBldmVuIHRoZSBkYXJrZXN0IG9mIGRheXMuIFdpdGggYSBoZWFydCBmdWxsIG9mIGNvbXBhc3Npb24gYW5kIGVtcGF0aHksIHlvdSYjeDI3O3JlIGFsd2F5cyByZWFkeSB0byBsZW5kIGEgaGVscGluZyBoYW5kIHRvIHRob3NlIGluIG5lZWQuIiwidHlwZSI6IkNoYXJhY3RlciBDcmVkZW50aWFsIiwiaWQiOiJkaWQ6YnN2OmVjYWE0MDI4ZWMzYzM2N2IwZTkwNzI3ZmI1ZTY3ZWQwMTczNjA0ZWE2ZmVjYzRiMmM4YzI4ZTFlNjQxMjYyMTQifX0sIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIl0sInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJDaGFyYWN0ZXJDcmVkZW50aWFsIl0sImV4cGlyYXRpb25EYXRlIjoiMjAyNC0wMi0yMVQxNToyMTowMi44MDlaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsibmFtZSI6IlllbGxvdyIsImJpb2dyYXBoeSI6IllvdSYjeDI3O3JlIGNoZWVyZnVsIGFuZCBvcHRpbWlzdGljLCBicmluZ2luZyBqb3kgYW5kIHBvc2l0aXZpdHkgd2hlcmV2ZXIgeW91IGdvLiBZb3VyIHN1bm55IGRpc3Bvc2l0aW9uIGFuZCBpbmZlY3Rpb3VzIGxhdWdodGVyIGJyaWdodGVuIGV2ZW4gdGhlIGRhcmtlc3Qgb2YgZGF5cy4gV2l0aCBhIGhlYXJ0IGZ1bGwgb2YgY29tcGFzc2lvbiBhbmQgZW1wYXRoeSwgeW91JiN4Mjc7cmUgYWx3YXlzIHJlYWR5IHRvIGxlbmQgYSBoZWxwaW5nIGhhbmQgdG8gdGhvc2UgaW4gbmVlZC4iLCJ0eXBlIjoiQ2hhcmFjdGVyIENyZWRlbnRpYWwiLCJpZCI6ImRpZDpic3Y6ZWNhYTQwMjhlYzNjMzY3YjBlOTA3MjdmYjVlNjdlZDAxNzM2MDRlYTZmZWNjNGIyYzhjMjhlMWU2NDEyNjIxNCJ9LCJpc3N1ZXIiOiJkaWQ6YnN2OmQ3ZGRjYzAwYzE0ZjliY2NlMTEzNWZjM2IzMjYxNGExYjNiNDcyMGJlNjQwNDUwNzQzYmE2Yjg1MTk4MzMyNWQiLCJpc3N1YW5jZURhdGUiOiIyMDI0LTAyLTE0VDE0OjIxOjAyLjgxMFoiLCJzdWIiOiJkaWQ6YnN2OmVjYWE0MDI4ZWMzYzM2N2IwZTkwNzI3ZmI1ZTY3ZWQwMTczNjA0ZWE2ZmVjYzRiMmM4YzI4ZTFlNjQxMjYyMTQiLCJuYmYiOjE3MDc5MjA0NjIsImlzcyI6ImRpZDpic3Y6ZDdkZGNjMDBjMTRmOWJjY2UxMTM1ZmMzYjMyNjE0YTFiM2I0NzIwYmU2NDA0NTA3NDNiYTZiODUxOTgzMzI1ZCJ9.BNtaFqWdZNCmCXodN8tZ5MHOflzxQnbnFnYAJcWruQMXF-l8V4c2nsyb-3mgdGy38SowpJgHplZri6-TkcM_mA

formatstringRequired

The format of the credential.

Example: jwt_vc_json

c_noncestringRequired

String representing c-nonce.

Example: bea65ef2-ebd3-4006-b095-e5fbd6d96ccd

c_nonce_expires_innumberRequired

Number representing the expiration time of the c-nonce in seconds.

Example: 300000

503

The service is unavailable

post

/api/v1/agent/{correlationId}/credentials

POST /products/web/12345/issuer/api/v1/agent/{correlationId}/credentials HTTP/1.1
Host: identity.products.teranode.group
Content-Type: application/json
Accept: */*
Content-Length: 767

{
  "format": "jwt_vc_json",
  "credential_definition": {
    "type": [
      "EmailCredential"
    ],
    "credentialSubject": {
      "name-of-claim": {
        "value_type": "string",
        "mandatory": true,
        "display": []
      }
    }
  },
  "proof": {
    "proof_type": "jwt",
    "jwt": "eyJ0eXAiOiJvcGVuaWQ0dmNpLXByb29mK2p3dCIsImFsZyI6IkVTMjU2SyIsImtpZCI6ImRpZDpic3Y6ZWNhYTQwMjhlYzNjMzY3YjBlOTA3MjdmYjVlNjdlZDAxNzM2MDRlYTZmZWNjNGIyYzhjMjhlMWU2NDEyNjIxNCNzdWJqZWN0LWtleSJ9.eyJpYXQiOjE3MDcyOTUyOTEuMjEsImV4cCI6MTcwNzI5NTk1MS4yMSwiYXVkIjoiaHR0cHM6Ly84ZmNmLTIxMy0xNzItMjM0LTgxLm5ncm9rLWZyZWUuYXBwL25jaGFpbiIsIm5vbmNlIjoiNTc1NTUzZTgtMDQ1NS00YjAyLThmNGMtNmRmNmY2MTMxZDEzIiwiaXNzIjoibkNoYWluOnZjLXdhbGxldCIsImp0aSI6IjJkMzg4ZDE1LWFjY2QtNGI0My1hZWExLTUyOTg5YTY4YmJjOSJ9.Pd0RiOb9c1fcjFGUQCNW01QCHdc7-Dz9NAdh93yOzYQnXqjmr0joyezqCEbeNxRacSsl7GNAB8IfsDkEthPfyg"
  }
}

{
  "credential": "eyJhbGciOiJFUzI1NksiLCJ0eXAiOiJKV1QifQ.eyJleHAiOjE3MDg1Mjg4NjIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIl0sInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJDaGFyYWN0ZXJDcmVkZW50aWFsIl0sImNyZWRlbnRpYWxTdWJqZWN0Ijp7Im5hbWUiOiJZZWxsb3ciLCJiaW9ncmFwaHkiOiJZb3UmI3gyNztyZSBjaGVlcmZ1bCBhbmQgb3B0aW1pc3RpYywgYnJpbmdpbmcgam95IGFuZCBwb3NpdGl2aXR5IHdoZXJldmVyIHlvdSBnby4gWW91ciBzdW5ueSBkaXNwb3NpdGlvbiBhbmQgaW5mZWN0aW91cyBsYXVnaHRlciBicmlnaHRlbiBldmVuIHRoZSBkYXJrZXN0IG9mIGRheXMuIFdpdGggYSBoZWFydCBmdWxsIG9mIGNvbXBhc3Npb24gYW5kIGVtcGF0aHksIHlvdSYjeDI3O3JlIGFsd2F5cyByZWFkeSB0byBsZW5kIGEgaGVscGluZyBoYW5kIHRvIHRob3NlIGluIG5lZWQuIiwidHlwZSI6IkNoYXJhY3RlciBDcmVkZW50aWFsIiwiaWQiOiJkaWQ6YnN2OmVjYWE0MDI4ZWMzYzM2N2IwZTkwNzI3ZmI1ZTY3ZWQwMTczNjA0ZWE2ZmVjYzRiMmM4YzI4ZTFlNjQxMjYyMTQifX0sIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIl0sInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJDaGFyYWN0ZXJDcmVkZW50aWFsIl0sImV4cGlyYXRpb25EYXRlIjoiMjAyNC0wMi0yMVQxNToyMTowMi44MDlaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsibmFtZSI6IlllbGxvdyIsImJpb2dyYXBoeSI6IllvdSYjeDI3O3JlIGNoZWVyZnVsIGFuZCBvcHRpbWlzdGljLCBicmluZ2luZyBqb3kgYW5kIHBvc2l0aXZpdHkgd2hlcmV2ZXIgeW91IGdvLiBZb3VyIHN1bm55IGRpc3Bvc2l0aW9uIGFuZCBpbmZlY3Rpb3VzIGxhdWdodGVyIGJyaWdodGVuIGV2ZW4gdGhlIGRhcmtlc3Qgb2YgZGF5cy4gV2l0aCBhIGhlYXJ0IGZ1bGwgb2YgY29tcGFzc2lvbiBhbmQgZW1wYXRoeSwgeW91JiN4Mjc7cmUgYWx3YXlzIHJlYWR5IHRvIGxlbmQgYSBoZWxwaW5nIGhhbmQgdG8gdGhvc2UgaW4gbmVlZC4iLCJ0eXBlIjoiQ2hhcmFjdGVyIENyZWRlbnRpYWwiLCJpZCI6ImRpZDpic3Y6ZWNhYTQwMjhlYzNjMzY3YjBlOTA3MjdmYjVlNjdlZDAxNzM2MDRlYTZmZWNjNGIyYzhjMjhlMWU2NDEyNjIxNCJ9LCJpc3N1ZXIiOiJkaWQ6YnN2OmQ3ZGRjYzAwYzE0ZjliY2NlMTEzNWZjM2IzMjYxNGExYjNiNDcyMGJlNjQwNDUwNzQzYmE2Yjg1MTk4MzMyNWQiLCJpc3N1YW5jZURhdGUiOiIyMDI0LTAyLTE0VDE0OjIxOjAyLjgxMFoiLCJzdWIiOiJkaWQ6YnN2OmVjYWE0MDI4ZWMzYzM2N2IwZTkwNzI3ZmI1ZTY3ZWQwMTczNjA0ZWE2ZmVjYzRiMmM4YzI4ZTFlNjQxMjYyMTQiLCJuYmYiOjE3MDc5MjA0NjIsImlzcyI6ImRpZDpic3Y6ZDdkZGNjMDBjMTRmOWJjY2UxMTM1ZmMzYjMyNjE0YTFiM2I0NzIwYmU2NDA0NTA3NDNiYTZiODUxOTgzMzI1ZCJ9.BNtaFqWdZNCmCXodN8tZ5MHOflzxQnbnFnYAJcWruQMXF-l8V4c2nsyb-3mgdGy38SowpJgHplZri6-TkcM_mA",
  "format": "jwt_vc_json",
  "c_nonce": "bea65ef2-ebd3-4006-b095-e5fbd6d96ccd",
  "c_nonce_expires_in": 300000
}

Get access token to start the credential issuance.

post

Before claiming the credential, the user has to get an access token. This endpoint facilitates the retrieval of an access token with the provided client_id, grant_type and pre-authorized_code. The client_id is a string that represents the client ID. The grant_type is a string that represents the grant type, which is in our case urn:ietf:params:oauth:grant-type:pre-authorized_code. The pre-authorized_code is a string that represents the pre-authorized code, which is generated by the web client when creating an offer. If successful, the server returns an object with access_token, token_type, expires_in, c_nonce, c_nonce_expires_in, authorization_pending and interval properties. access_token is a string that represents the access token. token_type is a string that represents the token type (bearer in our case). expires_in is a number that represents the expiration time of the token in seconds. c_nonce is a string that represents the c-nonce. c_nonce_expires_in is a number that represents the expiration time of the c-nonce in seconds. authorization_pending is a boolean that indicates if the authorization is pending (not used in our case). interval is a number that represents the interval in milliseconds.

If the API is NOT running in DEMO MODE, note that the resources must be creating using POST /private/credential-offers otherwise it will return errors

Path parameters

correlationIdstringRequired

Defines a organisation which is defined as a correlationId. Must be a value the Issuer is working with!

Example: teranode

Body

client_idstringRequired

The client ID.

Example: Identity:wallet

grant_typestringRequired

The grant type to use

Example: urn:ietf:params:oauth:grant-type:pre-authorized_code

pre-authorized_codestringRequired

Pre Authorized code that references the credential to start token fetching

Example: ab407be3-d18f-4508-837e-6286329c1da2

Responses

200Success

application/json

access_tokenstringRequired

String representing access token

Example:

eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJpYXQiOjE3MDc5MjA5OTkxMTIsImV4cCI6MzAwLCJpc3MiOiJuY2hhaW4iLCJwcmVBdXRob3JpemVkQ29kZSI6ImExNmE0ZDIzLTZlZWEtNGE3MC1iZWU5LWE3MDRjYWY0NjQ1OSJ9.yqaNyNG_oiah3cb9ELU-ukKqxk_Utt5ntNeFuzC69w4LToRqHHWrMibyupluzKFxSiqEZ7lsKFta2mUdhPIO_Q

token_typestringRequired

String representing token type

Example: bearer

c_noncestringRequired

String containing a nonce to be used when creating a proof of possession of the key proof. When received, the Wallet MUST use this nonce value for its subsequent requests until the Credential Issuer provides a fresh nonce.

Example: bea65ef2-ebd3-4006-b095-e5fbd6d96ccd

c_nonce_expires_innumberRequired

Number denoting the lifetime in seconds of the c_nonce.

Example: 30000

authorization_pendingbooleanRequired

Boolean indicating if the authorization is pending.

Example: false

intervalnumberRequiredExample: 300000

503

The service is unavailable

post

/api/v1/agent/{correlationId}/token

POST /products/web/12345/issuer/api/v1/agent/{correlationId}/token HTTP/1.1
Host: identity.products.teranode.group
Content-Type: application/json
Accept: */*
Content-Length: 160

{
  "client_id": "Identity:wallet",
  "grant_type": "urn:ietf:params:oauth:grant-type:pre-authorized_code",
  "pre-authorized_code": "ab407be3-d18f-4508-837e-6286329c1da2"
}

{
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NksifQ.eyJpYXQiOjE3MDc5MjA5OTkxMTIsImV4cCI6MzAwLCJpc3MiOiJuY2hhaW4iLCJwcmVBdXRob3JpemVkQ29kZSI6ImExNmE0ZDIzLTZlZWEtNGE3MC1iZWU5LWE3MDRjYWY0NjQ1OSJ9.yqaNyNG_oiah3cb9ELU-ukKqxk_Utt5ntNeFuzC69w4LToRqHHWrMibyupluzKFxSiqEZ7lsKFta2mUdhPIO_Q",
  "token_type": "bearer",
  "c_nonce": "bea65ef2-ebd3-4006-b095-e5fbd6d96ccd",
  "c_nonce_expires_in": 30000,
  "authorization_pending": false,
  "interval": 300000
}

PreviousMedia NextAgent > DID

Last updated 3 months ago

hashtagClaim credential

hashtagGet access token to start the credential issuance.

Claim credential

Get access token to start the credential issuance.