What is the Verifiable Credential API service
The Verifiable Credential API provides a Core Service of the EBSI platform providing the capability of creating W3C credentials ready for signing and validating W3C Verifiable Credentials.
Why we need it
Identity and credentials are cornerstone elements of many, if not most, use case applications dealing with official processes and documents. This service allows for the flexible integration of verifiable credentials flows into any use case following the same principles as EBSI.
Anatomy of the service
Within the context of SSI, Verifiable IDs and Verifiable Attestations (both types of 'Verifiable Credentials') enable entities (i.e. natural persons or legal persons) to make certain claims about themselves in a method where these claims can be regarded as proofs of certain attributes of the entity (e.g. name, age, attestations, legal business incorporation, etc.)
Such attributes – which are described within a Verifiable ID or Attestation – can potentially be anything (e.g. name, age, health or financial data, legal claims, educational or work records, citizenship, club membership, power of representation, authorisation to access certain data) and are usually linked to certain rights or obligations in different contexts.
Given that Verifiable IDs (for identification/authentication) and Verifiable Attestations (for everything beyond mere identification/authentication) contain digital claims about certain attributes which cannot be tampered with, they are central to creating trust in an SSI ecosystem in order to enable transactions.
If someone provides, for example, a Verifiable ID that states information about their identity and is issued and signed by a government, service providers may trust or rely on this information (if they trust the government and the cryptography) to decide whether or not to conduct a transaction.
In EBSI V1, Verifiable Credentials are issued by an 'Issuer' (e.g. a government or university) to a 'Holder/User' – a citizen).
The API is built to be Restful, its principal functions are:
- Create a W3C Verifiable Credential without proof based on the type and content specified in the credential Subject field. The resulting VC is ready for signing (by the wallet service).
- Validate the VC format, signature, and checks that the issuers are authorised to issue the given credential (by using the Trusted Issuers Registry API).
The documentation of the Verifiable Credential Swagger API in the API Catalog.
The EBSI code repository is not yet available.