Building with Digital Credentials

Your starting point for integrating verifiable, user-centric identity into your applications.

Getting Started

The digital credential ecosystem comprises several key components: Digital Wallets for users to store and manage their credentials,Issuer Services that create and sign credentials, and Verifier Tools used by applications to request and validate credentials. Choosing the right standards (like W3C Verifiable Credentials, SD-JWT, mdoc) depends on your specific use case, regulatory requirements, and desired level of interoperability.

Consider factors like the type of claims, security needs, and the target platforms when making your decision.

Integration Guides

Issuing Credentials

To issue a credential, you generally need to: define the credential structure (claims), gather and verify subject data, create the credential in a standard format (e.g., VC-JWT), sign it with a verifiable cryptographic key, and then deliver it to the holder (user). Consider using established issuer services or libraries that handle the complexities of key management and signing.

// Pseudocode for Issuing a Credential
function issueCredential(subjectData, issuerPrivateKey) {
  const claims = {
    "@context": ["https://www.w3.org/2018/credentials/v1"],
    "type": ["VerifiableCredential", "YourCustomCredential"],
    "issuer": "did:example:issuer123",
    "issuanceDate": new Date().toISOString(),
    "credentialSubject": {
      "id": subjectData.id,
      ...subjectData.attributes
    }
  };
  
  const signedVcJwt = signJwt(claims, issuerPrivateKey);
  return signedVcJwt;
}

Verifying Credentials

Verification involves: receiving the credential from the holder, checking the issuer's signature and trust, validating the credential's integrity (not tampered), and ensuring it hasn't expired or been revoked. For different formats like VC-JSON-LD, VC-JWT, or SD-JWT, specific parsing and validation libraries will be needed. OpenID4VP standardizes the request and presentation flow, simplifying how your application asks a wallet for credentials.

// Simplified JS for Verifying a VC-JWT (conceptual)
async function verifyVcJwt(vcJwt, issuerPublicKey) {
  // 1. Decode JWT (don't trust payload yet)
  // 2. Verify signature using issuer's public key
  // 3. Check issuer trust (e.g., via DID resolution, trusted list)
  // 4. Validate claims (e.g., expiration, structure)
  // 5. For SD-JWT, additionally verify disclosures and holder binding
  const isValid = await jwt.verify(vcJwt, issuerPublicKey, { algorithms: ['ES256'] });
  if (isValid) {
    // Process credential subject data
  }
  return isValid;
}

Wallet Integration

Applications typically interact with digital credential wallets using protocols like OpenID4VP for requesting credential presentations, or by handling deep links or QR codes that initiate a credential sharing flow from the wallet. The goal is a seamless user experience where the user can easily select and share their credentials from their preferred wallet.

Code Samples & SDKs

Many open-source libraries and SDKs can help you get started. Look for tools that support:

W3C Verifiable Credentials (VCs) creation and verification (JSON-LD and JWT profiles).
SD-JWT creation, presentation, and verification.
Mobile Document (mdoc / ISO 18013-5) parsing and verification.
OpenID for Verifiable Presentations (OpenID4VP) for verifier and wallet interactions.
DID (Decentralized Identifiers) resolution and management.

Check platforms like W3C VC Test Suite & Implementations, and search for libraries specific to your programming language (e.g., for Node.js, Python, Java, Rust).

API Reference

API reference documentation will be available at a later stage.

Tutorials & Use Case Implementations

Step-by-step guides for common scenarios will be added soon.

Community & Support

Join the conversation, ask questions, and contribute to the ecosystem:

W3C Credentials Community Group
OpenID Foundation Working Groups
Search for relevant projects and discussions on GitHub.