Method: vdc.provisionCredential

An endpoint to provision a credential.

HTTP request

POST https://example.issuer.com/api/v1/vdc/provisionCredential

Request body

The request body contains data with the following structure:

JSON representation
{
  "requestMetadata": {
    object (RequestMetadata)
  },
  "deviceReferenceId": string,
  "credentialId": string,
  "proofingId": string,
  "deviceEncryptionKey": {
    object (DeviceEncryptionKey)
  }
}
Fields
requestMetadata

object (RequestMetadata)

The metadata about the request, required in all requests.

deviceReferenceId

string

The id that corresponds to the device and the identity key associated with the device. This is NOT a device id, meaning that if the user were to have two separate credentials on the same device, this id would differ between them.

This id is supplied in all requests, and can be used to correlate requests.

credentialId

string

An opaque identifier representing a specific credential provisioned to a device.

If the credentialId already exists, instead of creating a new credential, this method should return the existing credential.

Ex: UUID

proofingId

string

An opaque identifier representing a proofing with a specific bundle of evidence, for a specific device.

The proofing must be in an Approved state. If not, an invalid identifier ErrorResponse should be returned.

deviceEncryptionKey

object (DeviceEncryptionKey)

An object containing the device's ephemeral encryption key and associated metadata. This key is used for encrypting a value back to the device. In the sandbox environment during onboarding, this object might be omitted, which indicates that the issuer should return plaintext data. It should always be set in the production environment.

Response body

A response containing the provisioned credential.

If successful, the response body contains data with the following structure:

JSON representation
{
  "responseMetadata": {
    object (ResponseMetadata)
  },
  "credential": {
    object (Credential)
  },
  "credentialVersionId": string
}
Fields
responseMetadata

object (ResponseMetadata)

The metadata about the response, required in all responses.

credential

object (Credential)

The provisioned credential.

credentialVersionId

string

The current version of the credential that has been provisioned.

Credential

The mdoc-based Credential, as defined by the relevant ISO standard for the credential type.

For example, for a mobile driver's license, this would be ISO/IEC 18013-5. See this for mDL mDoc format.

JSON representation
{

  // Union field presencetype can be only one of the following:
  "encryptedData": {
    object (EncryptedData)
  },
  "unencryptedValue": string
  // End of list of possible types for union field presencetype.
}
Fields
Union field presencetype. A oneof indicating how the credential is being presented. presencetype can be only one of the following:
encryptedData

object (EncryptedData)

The encrypted value and encryption metadata necessary to decrypt the value.

unencryptedValue

string

The base64 encoded value of the credential.
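
Issuer-side sketch of the field rules above (added example, not part of the original reference or any issuer's code): the same credentialId returns the existing credential, the proofing has to be Approved, and a missing deviceEncryptionKey yields plaintext only outside production. The class and exception names, the in-memory stores, the build_mdoc and encrypt_to_device callables, and the deviceReferenceId check on repeated requests are assumptions.

```python
import base64
import uuid


class InvalidIdentifier(Exception):
    """Stand-in for the 'invalid identifier' ErrorResponse (its shape is not on this page)."""


class ProvisioningService:
    def __init__(self, production, proofing_states, build_mdoc, encrypt_to_device):
        self.production = production            # False only in the sandbox
        self.proofing_states = proofing_states  # proofingId -> state (constructed store)
        self.build_mdoc = build_mdoc            # hypothetical: proofingId -> mdoc bytes
        self.encrypt = encrypt_to_device        # hypothetical: (key, bytes) -> EncryptedData
        self.issued = {}                        # credentialId -> stored record

    def provision(self, req):
        key = req.get("deviceEncryptionKey")
        # Fail closed: a missing key means plaintext, which only the sandbox allows.
        if self.production and key is None:
            raise ValueError("deviceEncryptionKey is required in production")

        record = self.issued.get(req["credentialId"])
        if record is None:
            # New credential: the proofing must exist and be Approved.
            if self.proofing_states.get(req["proofingId"]) != "Approved":
                raise InvalidIdentifier("proofingId")
            record = {
                "mdoc": self.build_mdoc(req["proofingId"]),
                "deviceReferenceId": req["deviceReferenceId"],
                "version": str(uuid.uuid4()),
            }
            self.issued[req["credentialId"]] = record
        elif record["deviceReferenceId"] != req["deviceReferenceId"]:
            # Assumption (added hardening): a repeated credentialId is only
            # honoured for the deviceReferenceId it was first issued to.
            raise InvalidIdentifier("credentialId")

        # Union field: exactly one of encryptedData / unencryptedValue.
        if key is not None:
            credential = {"encryptedData": self.encrypt(key, record["mdoc"])}
        else:
            credential = {"unencryptedValue": base64.b64encode(record["mdoc"]).decode("ascii")}
        # responseMetadata is omitted: its fields are not shown on this page.
        return {"credential": credential, "credentialVersionId": record["version"]}
```

A retried request is re-encrypted to the key carried by that retry, so an ephemeral device key that changed between attempts does not leave the device with an undecryptable response.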