Skip to main content

List credential definition

GET 
/v2/config/digital-wallet/openid/sdjwt/credential-definitions

Lists all credential definitions configured for OID4VCI credential issuance.

Request

Query Parameters

    offset integerrequired

    Number of records to skip for pagination.

    limit integerrequired

    Default value: 10

    Maximum number of records to return per page.

    vct string

    Filter by IETF SD-JWT VC verifiable credential type identifier.

    doctype string

    Filter by ISO 18013-5 mDoc/mDL document type identifier.

    type string

    Filter by W3C Verifiable Credential type (JWT format).

    search stringrequired

    Search term to filter results by

    sortOrder stringrequired

    Possible values: [desc, asc]

    Default value: desc

    Sort order for the returned records (ascending or descending).

Responses

Credential definitions listed successfully

Response Headers
    Schema
      credentialDefinition object[]
    • Array [
      • credentialDefinitionId stringrequired

      Unique identifier assigned to the credential definition upon creation. Use this ID to reference the credential definition in OpenID for Verifiable Credentials Issuance (OID4VCI) operations.

      type string[]

      Array of credential type strings as defined in the OID4VCI specification. These values appear in the type field of the issued W3C VC (JWT).

      credentialDefinition objectrequired

      JSON object defining the credential structure and its claims for W3C VC (JWT) format (jwt_vc_json).

      createdAt numberrequired

      Unix timestamp (in seconds) indicating when this credential definition was created.

      updatedAt numberrequired

      Unix timestamp (in seconds) indicating when this credential definition was last modified.

      label stringrequired

      Human-readable label describing the intended use of this credential definition (e.g. 'Issue Portable Document A1').

      expirationInDays numberrequired

      Number of days until the issued credential expires. Defaults to 30 if not specified.

      display object
      name stringrequired

      Display name for the credential shown in wallet UIs, as specified in the OID4VCI Credential Issuer Metadata.

      locale stringrequired

      BCP47 language tag for the display properties (e.g. en-GB).

      description string

      Human-readable description of the credential purpose.

      backgroundColor stringrequired

      Hex color code for the credential card background (e.g. #FFFFFF).

      textColor stringrequired

      Hex color code for text on the credential card (e.g. #000000).

      credentialFormat string

      Possible values: [jwt_vc_json, dc+sd-jwt, mso_mdoc]

      Credential format identifier as defined in OID4VCI. Supported formats: jwt_vc_json (W3C VC JWT), dc+sd-jwt (IETF SD-JWT VC), mso_mdoc (ISO 18013-5 mDoc/mDL).

      vct string

      Verifiable Credential Type identifier used when credentialFormat is dc+sd-jwt. Included in the vct claim of the issued IETF SD-JWT VC.

      doctype string

      Document type identifier used when credentialFormat is mso_mdoc. Identifies the credential in the ISO 18013-5 mDoc/mDL format (e.g. org.iso.18013.5.1.lpid).

      claims object

      JSON object defining the credential claims structure for IETF SD-JWT VC (dc+sd-jwt) and ISO 18013-5 mDoc/mDL (mso_mdoc) formats.

      property name* any

      JSON object defining the credential claims structure for IETF SD-JWT VC (dc+sd-jwt) and ISO 18013-5 mDoc/mDL (mso_mdoc) formats.

      supportRevocation boolean

      When true, enables credential revocation support using the IETF Token Status List specification.

      enforceWUA boolean

      When true, the issuer requires the holder to present a valid Wallet Unit Attestation (WUA) during the OID4VCI issuance flow.

      validationPath string

      Possible values: [$.vc.credentialSubject, $.vc, $]

      JSONPath expression specifying which part of the credential payload to validate. Use $.vc.credentialSubject for W3C VC (JWT), $.vc for full VC validation, or $ for root-level validation.

      version string

      Possible values: [draft_11, draft_13, draft_15, draft_17, version_01]

      OID4VCI specification draft version to use for credential issuance protocol interactions.

      kid string

      Key Identifier (kid) referencing the cryptographic key used to sign issued credentials.

      trustAnchor string

      Possible values: [jwk, did:key, did:ebsi, did:web, did:tdw]

      DID method or key type used as the trust anchor for credential issuance.

      revocationMethod string

      Possible values: [status_list, status_list_2021, swiss_token_status_list_v1]

      Method used for credential revocation. status_list uses the IETF Token Status List, status_list_2021 uses the W3C Status List 2021, swiss_token_status_list_v1 uses the Swiss profile.

      enforceCredentialUniqueness boolean

      When true, ensures each credential issued under this definition is unique per holder.

      supportCredentialReissuance boolean

      When true, allows holders to request reissuance of expired or near-expiry credentials.

      credentialDefinitions object[]
    • Array [
      • label string

      Human-readable label describing the intended use of this credential definition.

      expirationInDays number

      Number of days until the issued credential expires. Defaults to 30.

      supportRevocation boolean

      When true, enables credential revocation support.

      revocationMethod string

      Possible values: [status_list, status_list_2021, swiss_token_status_list_v1]

      Method used for credential revocation.

      enforceCredentialUniqueness boolean

      When true, ensures each credential under this definition is unique per holder.

      supportCredentialReissuance boolean

      When true, allows holders to request reissuance of expired credentials.

      credentialBindingMethods string[]

      Array of supported cryptographic key binding methods for issued credentials, as defined in OID4VCI Credential Issuer Metadata (e.g. jwk, did:key, cose_key).

      authorizationRequestType string

      Possible values: [authorization_details, scope_based]

      Determines how the wallet requests authorization during the OID4VCI issuance flow. authorization_details uses RFC 9396 Rich Authorization Requests, scope_based uses OAuth 2.0 scope values.

      scope string

      OAuth 2.0 scope value associated with this credential definition. Used when authorizationRequestType is scope_based.

      display object

      Display properties for the credential card in wallet UIs.

      name string
      description string
      backgroundColor string
      textColor string
      credentialResponseInterval number

      Minimum polling interval (in seconds) for the wallet when using the OID4VCI Deferred Credential Endpoint.

      credentialFormat string

      Possible values: [dc+sd-jwt]

      Credential format. Must be dc+sd-jwt for IETF SD-JWT VC.

      vct string

      Verifiable Credential Type identifier for IETF SD-JWT VC (e.g. urn:eu.europa.ec.eudi:pid:1).

      claims object

      JSON object defining the credential claims structure for IETF SD-JWT VC. Each claim can specify selective disclosure via limitDisclosure.

      property name* any

      JSON object defining the credential claims structure for IETF SD-JWT VC. Each claim can specify selective disclosure via limitDisclosure.

    • ]
      • namespace string

      Namespace identifier for ISO 18013-5 mDoc/mDL (mso_mdoc) format credentials (e.g. org.iso.18013.5.1).

    • ]
      • pagination object
      currentPage integer

      Current page number

      totalItems integer

      Total number of items available

      totalPages integer

      Total number of pages based on limit

      limit integer

      Number of items per page

      hasPrevious boolean

      Indicates if there's a previous page

      hasNext boolean

      Indicates if there's a next page

    Loading...
    Last updated on