Credential Configuration¶
Credential configurations define the structure and properties of individual credentials. Each credential type has its own configuration file.
Basic Structure¶
Example Credential Configuration (PID):
{
"id": "pid",
"description": "Personal ID",
"tenantId": "root",
"config": {
"format": "dc+sd-jwt",
"scope": "pid",
"display": [
{
"name": "PID",
"description": "PID Credential",
"locale": "en-US",
"background_color": "#FFFFFF",
"text_color": "#000000",
"background_image": {
"uri": "https://service.eudi-wallet.dev/storage/2025-08-28-e5648725-b9c2-471d-92df-8da48af95ca9.jpg"
},
"logo": {
"uri": "https://service.eudi-wallet.dev/storage/2025-08-28-88e87f71-d1d3-46f9-86db-0fba5ae4c151.jpg"
}
}
]
},
"claims": {
"issuing_country": "DE",
"issuing_authority": "DE",
"given_name": "ERIKA",
"family_name": "MUSTERMANN",
"birth_family_name": "GABLER",
"birthdate": "1964-08-12",
"age_birth_year": 1964,
"age_in_years": 59,
"age_equal_or_over": {
"12": true,
"14": true,
"16": true,
"18": true,
"21": true,
"65": false
},
"place_of_birth": {
"locality": "BERLIN"
},
"address": {
"locality": "KÖLN",
"postal_code": "51147",
"street_address": "HEIDESTRAẞE 17"
},
"nationalities": [
"DE"
]
},
"disclosureFrame": {
"_sd": [
"issuing_country",
"issuing_authority",
"given_name",
"family_name",
"birth_family_name",
"birthdate",
"age_birth_year",
"age_in_years",
"age_equal_or_over",
"place_of_birth",
"address",
"nationalities"
],
"address": {
"_sd": [
"locality",
"postal_code",
"street_address"
]
}
},
"vct": {
"name": "PID",
"description": "PID credential"
},
"keyBinding": true,
"keyId": "039af178-3ca0-48f4-a2e4-7b1209f30376",
"statusManagement": true,
"lifeTime": 604800,
"schema": {
"$schema": "https://json-schema.org/draft/2020-12/schema",
"type": "object",
"properties": {
"issuing_country": {
"type": "string",
"title": "Issuing Country"
},
"issuing_authority": {
"type": "string",
"title": "Issuing Authority"
},
"given_name": {
"type": "string",
"title": "Given Name"
},
"family_name": {
"type": "string",
"title": "Family Name"
},
"birth_family_name": {
"type": "string",
"title": "Birth Family Name"
},
"birthdate": {
"type": "string",
"pattern": "^\\d{4}-\\d{2}-\\d{2}$",
"title": "Birthdate"
},
"age_birth_year": {
"type": "integer",
"title": "Birth Year"
},
"age_in_years": {
"type": "integer",
"title": "Age in Years"
},
"age_equal_or_over": {
"type": "object",
"title": "Age Equal or Over",
"properties": {
"12": {
"type": "boolean",
"title": "12 or Over"
},
"14": {
"type": "boolean",
"title": "14 or Over"
},
"16": {
"type": "boolean",
"title": "16 or Over"
},
"18": {
"type": "boolean",
"title": "18 or Over"
},
"21": {
"type": "boolean",
"title": "21 or Over"
},
"65": {
"type": "boolean",
"title": "65 or Over"
}
},
"required": [
"12",
"14",
"16",
"18",
"21",
"65"
]
},
"place_of_birth": {
"type": "object",
"title": "Place of Birth",
"properties": {
"locality": {
"type": "string",
"title": "Locality"
}
},
"required": [
"locality"
]
},
"address": {
"type": "object",
"title": "Address",
"properties": {
"locality": {
"type": "string",
"title": "Locality"
},
"postal_code": {
"type": "string",
"title": "Postal Code"
},
"street_address": {
"type": "string",
"title": "Street Address"
}
},
"required": [
"locality",
"postal_code",
"street_address"
]
},
"nationalities": {
"type": "array",
"title": "Nationalities",
"items": {
"type": "string",
"title": "Nationality"
}
}
},
"required": [
"issuing_country",
"issuing_authority",
"given_name",
"family_name",
"birth_family_name",
"birthdate",
"age_birth_year",
"age_in_years",
"age_equal_or_over",
"place_of_birth",
"address",
"nationalities"
],
"title": "PID Claims",
"description": "Schema for PID credential claims, describing personal and identity information fields."
},
"embeddedDisclosurePolicy": {
"policy": "attestationBased",
"values": [
{
"claims": [
{
"id": "card",
"path": [
"given_name"
]
}
],
"credentials": [
{
"id": "card",
"format": "sd-jwt-dc",
"meta": {
"vct_values": "https://example.com/member-card"
},
"trusted_authorities": [
{
"type": "aki",
"values": [
"s9tIpPmhxdiuNkHMEWNpYim8S8Y"
]
}
]
}
],
"credential_sets": [
{
"options": [
[
"card"
]
]
}
]
}
]
}
}
Configuration Fields¶
Required Fields¶
id: REQUIRED - Unique identifier for the credential configuration.description: REQUIRED - Human-readable description of the credential. Will not be displayed to the end user.config: REQUIRED - Entry for credential_configuration_supported. The name of the file will be used as the key in the configuration.format: REQUIRED - The format of the credential, onlydc+sd-jwtis currently supported.display: REQUIRED - Display configuration for the credential, including name, description, locale, colors, and images.
vct: REQUIRED - VC Type Metadata provided via the/credentials/vct/{id}endpoint. This link will automatically added into the credential.
Optional Fields¶
keyId: OPTIONAL - Unique identifier for the key used to sign the credential. If not provided, the first key in the key set will be used.lifeTime: OPTIONAL - Credential expiration time in seconds. If specified, credentials will include anexpclaim calculated asiat + lifeTime.statusManagement: OPTIONAL - Enable OAuth Token Status Lists for credential revocation. Whentrue, credentials include astatusclaim with revocation information.keyBinding: OPTIONAL - Enable cryptographic key binding. Whentrue, credentials include acnfclaim with the holder's public key and require proof of possession.claims: OPTIONAL - Static claims to include in the credential. Can be overridden by webhook responses or claims passed during credential offer.disclosureFrame: OPTIONAL - Defines which claims should be selectively disclosable in SD-JWT format.embeddedDisclosurePolicy: OPTIONAL - Defines the embedded disclosure policy for the credential.
Claims Configuration¶
Claims define the data that will be included in the credential. You can specify static claims directly in the configuration, or they can be provided dynamically during the issuance process.
Static Claims¶
{
"claims": {
"issuing_country": "DE",
"issuing_authority": "DE",
"given_name": "ERIKA",
"family_name": "MUSTERMANN",
"birth_family_name": "GABLER",
"birthdate": "1964-08-12",
"age_birth_year": 1964,
"age_in_years": 59,
"age_equal_or_over": {
"12": true,
"14": true,
"16": true,
"18": true,
"21": true,
"65": false
},
"place_of_birth": {
"locality": "BERLIN"
},
"address": {
"locality": "KÖLN",
"postal_code": "51147",
"street_address": "HEIDESTRAẞE 17"
},
"nationalities": ["DE"]
}
}
Complex Data Types¶
Claims support various data types including objects, arrays, and boolean values:
Object Claims:
{
"address": {
"locality": "KÖLN",
"postal_code": "51147",
"street_address": "HEIDESTRAẞE 17"
},
"place_of_birth": {
"locality": "BERLIN"
}
}
Array Claims:
Boolean Claims:
Selective Disclosure¶
Use the disclosureFrame to make specific claims selectively disclosable in
SD-JWT format:
{
"disclosureFrame": {
"_sd": [
"issuing_country",
"issuing_authority",
"given_name",
"family_name",
"birth_family_name",
"birthdate",
"age_birth_year",
"age_in_years",
"age_equal_or_over",
"place_of_birth",
"address",
"nationalities"
],
"address": {
"_sd": ["locality", "postal_code", "street_address"]
}
}
}
This configuration allows:
- Individual disclosure of personal information fields
- Selective disclosure of address components
- Holders can choose which claims to reveal during presentation
Nested Selective Disclosure¶
For complex claims with nested objects, you can specify selective disclosure at multiple levels:
{
"disclosureFrame": {
"_sd": ["given_name", "family_name", "address", "place_of_birth"],
"address": {
"_sd": ["locality", "postal_code", "street_address"]
},
"place_of_birth": {
"_sd": ["locality", "country"]
}
}
}
Display Configuration¶
The display configuration defines how the credential appears in wallets:
{
"display": [
{
"name": "Personal Identity Document",
"description": "Official identity credential",
"locale": "en-US",
"background_color": "#FFFFFF",
"text_color": "#000000",
"logo": {
"uri": "<PUBLIC_URL>/issuer.png",
"url": "<PUBLIC_URL>/issuer.png"
},
"background_image": {
"uri": "<PUBLIC_URL>/credential-bg.png",
"url": "<PUBLIC_URL>/credential-bg.png"
}
}
]
}
Display Fields¶
name: Display name for the credentialdescription: Brief description of the credentiallocale: Language/locale (e.g., "en-US", "de-DE")background_color: Background color (hex format)text_color: Text color (hex format)logo: Issuer logo configurationbackground_image: Background image for the credential
Advanced Features¶
For more complex credential requirements, see:
- Advanced Features - Learn about key binding, status management, and expiration
- Authentication - Configure OAuth flows and security
- API Guide - Create and manage configurations programmatically