Method: vdc.getCredentialStatus

An endpoint to retrieve the current status of a credential.

HTTP request

POST https://example.issuer.com/api/v1/vdc/getCredentialStatus

Request body

The request body contains data with the following structure:

JSON representation 
{
  "requestMetadata": {
    object (RequestMetadata)
  },
  "deviceReferenceId": string,
  "credentialId": string
}
Fields
requestMetadata

object (RequestMetadata)

The metadata about the request, required in all requests.
deviceReferenceId

string

The id that corresponds to the device and the identity key associated with the device. This is NOT a device id, meaning that if the user were to have two separate credentials on the same device, this id would differ between them.

This id is supplied in all requests, and can be used to correlate requests.
credentialId

string

The id of the credential that the caller is requesting the status of.

Response body

A response containing the current status of a credential.

If successful, the response body contains data with the following structure:

JSON representation 
{
  "responseMetadata": {
    object (ResponseMetadata)
  },
  "credentialStatus": {
    object (CredentialStatus)
  },
  "credentialVersionId": string
}
Fields
responseMetadata

object (ResponseMetadata)

The metadata about the response, required in all responses.
credentialStatus

object (CredentialStatus)

The current status of the credential.
credentialVersionId

string

The current version of the credential. This is expected to change when new versions of the credential become available. An example of when this would change is when the user updates their address on their credential, making the underlying mdoc stale.

CredentialStatus

An object representing the different statuses a credential can have.

JSON representation 
{
  "userActionRequired": {
    object (UserActionRequired)
  },

  // Union field status can be only one of the following:
  "provisionPending": {
    object (ProvisionPending)
  },
  "active": {
    object (Active)
  },
  "revoked": {
    object (Revoked)
  },
  "deleted": {
    object (Deleted)
  }
  // End of list of possible types for union field status.
}
Fields
userActionRequired

object (UserActionRequired)

Action required by the user to avoid their credential moving to a more restricted state (e.g. ACTIVE -> REVOKED).
Union field status. A oneof containing the different statuses possible for a credential. status can be only one of the following:
provisionPending

object (ProvisionPending)

Represents a credential that can be retrieved, but has not yet provided ProofOfProvisioning. Any calls to vdc.provisionMobileSecurityObjects for a credential in this state should fail if the request doesn't contain an updated ProofOfProvisioning. A credential is put into this state when it is created, and when there is a new version of a credential available. For the new version case, the wallet must re-provision the credential and provide ProofOfProvisioning to go back to an ACTIVE state.
active

object (Active)

Represents an active and usable credential. MSOs can only be retrieved for a credential in the ACTIVE state.
revoked

object (Revoked)

Represents a credential that is in a final, un-usable state. This credential can not become usable in the future. This state is comparable to DELETED, but can only be set by the issuer.
deleted

object (Deleted)

Represents a credential that was once provisioned, but has been deleted from the device. This state is comparable to REVOKED, but can only be set by the wallet.

ProvisionPending

This type has no fields.

An object representing a provision pending credential status. This message is intentionally empty right now. New fields could be added in the future.

Active

This type has no fields.

An object representing an active credential status. This message is intentionally empty right now. New fields could be added in the future.

Revoked

This type has no fields.

An object representing a revoked credential status. This message is intentionally empty right now. New fields could be added in the future.

Deleted

This type has no fields.

An object representing a deleted credential status. This message is intentionally empty right now. New fields could be added in the future.

UserActionRequired

An object representing a task / action that the user needs to complete.

JSON representation 
{
  "deadlineTimeMillis": string,
  "deadlineEnforcementHint": {
    object (EnforcementHint)
  },

  // Union field action can be only one of the following:
  "submitProofing": {
    object (SubmitProofing)
  }
  // End of list of possible types for union field action.
}
Fields
deadlineTimeMillis

string (int64 format)

The epoch time of when when the action expires and the issuer is expected to move the credential to a more restricted state. Used by the client to warn the user about when the action needs to be completed by but it is up to the issuer to enforce restrictions.
deadlineEnforcementHint

object (EnforcementHint)

Hint describing how the issuer would enforce the deadline of the action.
Union field action. The action that the user needs to complete. action can be only one of the following:
submitProofing

object (SubmitProofing)

Submit proofing of the credential.

EnforcementHint

Hint describing how the issuer would enforce the action required.

JSON representation 
{

  // Union field hint can be only one of the following:
  "revocationHint": {
    object (RevocationHint)
  }
  // End of list of possible types for union field hint.
}
Fields
Union field hint. Type of enforcement hint. hint can be only one of the following:
revocationHint

object (RevocationHint)

Credential will be revoked by the issuer.

RevocationHint

This type has no fields.

Credential will be revoked by the issuer.

SubmitProofing

Details of the proofing status.

JSON representation 
{

  // Union field ProofingAllowance can be only one of the following:
  "limitedAttempts": {
    object (LimitedAttempts)
  },
  "unlimitedAttempts": {
    object (UnlimitedAttempts)
  }
  // End of list of possible types for union field ProofingAllowance.
}
Fields
Union field ProofingAllowance. The proofing attempt on the current credential. ProofingAllowance can be only one of the following:
limitedAttempts

object (LimitedAttempts)

The user has limited attempts to submit proofing.
unlimitedAttempts

object (UnlimitedAttempts)

The user has unlimited attempts to submit proofing. This is not recommended to the issuer.

LimitedAttempts

The user has limited attempts to submit proofing.

JSON representation 
{
  "remainingAttempts": integer,
  "maxAttempts": integer,
  "maxAttemptsEnforcementHint": {
    object (EnforcementHint)
  }
}
Fields
remainingAttempts

integer

The number of remaining attempts to submit proofing. This is only for UX message diplay. Google Wallet will not act on this number.
maxAttempts

integer

The maximum number of attempts to submit proofing. This is only for UX message diplay. Google Wallet will not act on this number.
maxAttemptsEnforcementHint

object (EnforcementHint)

Hint describing how the issuer would enforce the max attempts.

UnlimitedAttempts

This type has no fields.

The user has unlimited attempts to submit proofing. This is not recommended to the issuer.