Skip to main content

Receive credential with user PIN

PUT 
/v2/config/digital-wallet/openid/sdjwt/credential/:credentialId/user-pin

Submits the transaction code (tx_code) required for the OID4VCI Pre-Authorized Code Flow.

Request

Path Parameters

    credentialId stringrequired

    Unique identifier of a credential stored in the holder's wallet.

Body

    userPin string

    Transaction code used for receiving credential using pre-authorized grant.

Responses

User PIN for credential received successfully

Response Headers
    Schema
      credential object
      credentialId stringrequired

      Unique identifier for the credential stored in the holder's wallet.

      credentialToken stringrequired

      The raw JWT, SD-JWT, or mDoc token of the issued Verifiable Credential as received from the issuer's OpenID for Verifiable Credentials Issuance (OID4VCI) Credential Endpoint.

      credential objectrequired

      Decoded payload of the Verifiable Credential token. Contains the parsed claims from the W3C VC (JWT), IETF SD-JWT VC, or ISO 18013-5 mDoc/mDL credential.

      property name* any

      Decoded payload of the Verifiable Credential token. Contains the parsed claims from the W3C VC (JWT), IETF SD-JWT VC, or ISO 18013-5 mDoc/mDL credential.

      credentialStatus stringrequired

      Possible values: [credential_pending, credential_acked]

      Current status of the credential in the holder's wallet. credential_pending indicates the credential requires additional steps (e.g. entering a transaction code or polling the OID4VCI Deferred Credential Endpoint). credential_acked indicates the credential has been fully received and stored.

      acceptanceToken stringrequired

      Acceptance token (transaction_id in OID4VCI) returned for deferred issuance. The wallet uses this to poll the Deferred Credential Endpoint.

      credentialIssuer stringrequired

      Credential Issuer Identifier as defined in OID4VCI. Typically the issuer's base URL used to resolve the Credential Issuer Metadata.

      userPin stringrequired

      Transaction code (tx_code) required for the OID4VCI Pre-Authorized Code Flow.

      createdAt numberrequired

      Unix timestamp (in seconds) when this credential record was created.

      updatedAt numberrequired

      Unix timestamp (in seconds) when this credential record was last modified.

      userPinRequired booleanrequired

      When true, the holder must provide a transaction code (tx_code) to complete the OID4VCI Pre-Authorized Code Flow Token Request.

      credentialFormat stringrequired

      Format of the received credential as defined in OID4VCI. Values: jwt_vc_json (W3C VC JWT), dc+sd-jwt (IETF SD-JWT VC), mso_mdoc (ISO 18013-5 mDoc/mDL).

      presentationId stringrequired

      Identifier linking this credential to a presentation exchange, if received as part of a dynamic issuance flow involving OpenID for Verifiable Presentation (OpenID4VP).

      issuer objectrequired
      name string
      location string
      cover string
      logo string
      description string
      credentialConfigurations object
      transactionCode object
      inputMode string

      Possible values: [numeric, text]

      Input method for the transaction code as defined in OID4VCI. numeric restricts to digits only. text allows alphanumeric input.

      inputLength integer

      Expected length of the transaction code in characters.

      description string

      Human-readable instruction displayed to the holder explaining how to obtain or use the transaction code.

      authorizationDetails object[]
    • Array [
      • type string

      Authorization detail type. Must be openid_credential for OID4VCI credential issuance requests, as defined in RFC 9396.

      credential_configuration_id string

      Identifier of the credential configuration from the issuer's OID4VCI Credential Issuer Metadata.

      format string

      Credential format identifier (e.g. jwt_vc_json, dc+sd-jwt, mso_mdoc).

    • ]
      • revocationStatus string

      Possible values: [Operational, Revoked, Suspended]

      Current revocation status. Operational means valid, Revoked means permanently invalidated, Suspended means temporarily invalidated.

      legalPidAttestation string

      Legal Person Identification (LPID) attestation credential of the issuer, used to verify the issuer's legal identity in the EUDI Wallet ecosystem.

      legalPidAttestationPop string

      Proof of Possession (PoP) for the issuer's LPID attestation, proving the issuer controls the associated private key.

      legalPidVerified boolean

      Indicates whether the issuer's LPID attestation has been successfully verified.

      autoPresent boolean

      When true, the wallet automatically presents this credential when a matching OpenID4VP Authorization Request is received.

      version string

      Possible values: [draft_11, draft_13, draft_15, draft_17]

      OID4VCI specification draft version used for this credential's issuance protocol.

      kid string

      Key Identifier (kid) of the cryptographic key used to sign or bind the credential.

      trustAnchor string

      Possible values: [jwk, did:key, did:ebsi, did:web, did:tdw]

      DID method or key type used as the trust anchor for verifying the issuer's identity.

      expiredCredentialTokens string[]

      Array of previously issued credential tokens that have expired.

      expiredCredentials object[]

      Array of decoded expired credential payloads.

      requiresEncryption boolean
      isVerifiedWithTrustList boolean
      trustServiceProvider object
      oAuthFlow string

      Possible values: [frontchannel, backchannel]

      OAuth 2.0 flow used for credential issuance. frontchannel uses browser redirects, backchannel uses server-to-server communication.

      authorizationRequest string

      OAuth 2.0 authorization request URL for the Authorization Code Flow.

    Loading...
    Last updated on