Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...


Table of Contents
minLevel1
maxLevel

...

3

...


Verifiable credentials (or VCs) are a standard format for the digital representation of credentials (documents that collect attributes about a subject) that are cryptographically secure, verifiable through machines, and that guarantee privacy by enabling methods such as minimum disclosure.

With Gataca Studio, you can create, validate, and digitally sign identity credentials according to W3C standards for global interoperability.

You can easily create credential issuance templates to integrate an issuance process into your website or application.

Below the introductory video, you can see the detailed step-by-step tutorial on how to issue your first credential.

Create a credential issuance template in Gataca Studio.mp4

1. Create an Issuance Template

To ensure credentials are shared and interpreted correctly, each of these credentials requires a template.

Panel
bgColor#F4F5F7

An issuance template defines an issuance process, including:

  • What credential

...

  • type will be used (which in

...

  • turn defines the

...

  • kind of credential: e.g., a driver’s license, an academic diploma, or a national ID)

  • Which claims within the

...

  • credential will be

...

  • issued

  • What authentication requirements and security constraints are needed for a user to get the credential (e.g., sharing other existing credentials from the Wallet, 2FA)

When accessing Gataca Studio, you can create a new issuance template from the main dashboard or click New issuance in the issuance templates section.

...

Image Added

Creating an Issuance template involves a 4-step process:

Step 1: Basic configuration

Issuance ID - Name the issuance template

The first step is to define your issuance template name. We recommend this name

...

be descriptive of the credential to be issued.

This name will be associated with the issuance process and will serve as the

...

primary reference to the process when adding it to API Keys and throughout the platform.

Example: “Employee Card Teachers Template”

Requester DID

...

You will have to select which DID you want to state as the Issuer of this credential.

By default, a DID has already been created for you with the alias name “My

...

DID.This DID can be selected for issuing your first issuance template. You can also decide to create another DID first.

Info

Jump to the tutorial on creating DIDs

...

Image Added

...

Step 2: Issuance

In this step, you define which credential type you want to use and what claims will be issued in this process.

Panel
bgColor#F4F5F7

If your organization requires a credential type not currently supported in Studio, please reach out and tell us your needs.

Credential Types

All verifiable credentials must declare their type in their template.

...

A credential type

...

defines the content and format of a specific credential. Gataca Studio covers a

...

significant number of credential types.

...

New credential types will be added soon.

Depending on the service you provide, select the most appropriate one.

...

Image Added

...

Credential Attributes - What credential attributes should be included?

Credential attributes

...

are claims made about the subject. When selecting a credential Type, Studio will show all available attributes within the schema. Select which attributes will be contained in the credential

...

you will be issuing.

Image Added

...

Step 3:

...

Requirements

Requirements

In this step, you define which personal information (in the form of verifiable credentials) is necessary to verify your user before issuing your credential. Users will need to ensure they have these credentials in their wallets before requesting the issuance of their credentials.

Add credentials claims - What credentials should I request from the user?

Establish the data you will be requesting from your users in order to issue the credential.

...

Select which credentials you require your user to share with you by clicking the Add Credential Claims button.

Image Modified

Scroll the list and tick those credentials you want to select

...

or use the search bar on top.

...

Image Modified

How to select required credentials and optional credentials

Required credentials mean that the information is critical to fulfilling the credential issuance. Any other nice-to-have information should be marked as optional.

...

Select those that will be required or will remain optional from the list of credentials you will be requesting.

Example:

...

Image Added

Step 4: Constraints

Credential trust level - How to determine which credentials are trusted?

In this section, you will determine if the

...

credentials you

...

Example:

...

request from the user for authentication purposes need to be trusted.

Panel
bgColor#F4F5F7

If your organization requires a credential type not currently supported in Studio, please reach out and tell us your needs.

Image Added
Panel
panelIconIdatlassian-warning
panelIcon:warning:
bgColor#F4F5F7

Trusted Credentials are those whose Issuer is registered in Gataca’s Public Issuer Registry.

Unless your subscription tier allows you to request your DIDs to be registered in Gataca’s Public Issuer Registry, Credentials issued by you will not be trusted. Make sure you don’t require your issued credentials to be trusted for authentication purposes.

Credential data agreement - How to select the credential purpose

In this section, you will determine the reason why you are requesting the previously

...

required credentials from your users. This will be shown to your users.

Example:

...

Image Added

Security configuration

...

In this last section, you’ll define the extra security

...

mechanisms, such as 2FA via biometrics, OTPs, or in-app authentication.

The available security

...

mechanisms will depend on your subscription.

Step 5: Successful configuration

...

Once you finish the configuration of an Issuance Template, you’ll see confirmation that the process has been successfully saved. You can now test your Issuance Template by adding it to an API Key.

Select an API Key

When clicking on Add to API Key, a list of the available API keys for your templates will open.

Panel
bgColor#F4F5F7

If this is your first template, the creation of an API Key will appear. If you already have API Keys, jump to Step 3.

Image Added

2. Create an API Key

An API Key is a unique identifier and authentication key providing access to specific issuance and/or verification templates to your applications calling the Gataca Studio APIs.

Once you reach the end of creating an issuance template, you can select to add this template to an API Key.

...

When clicking on “Add to API Key“ a list of the available API keys for your templates will appear.

  1. Select the API Key you want to associate with the new template created.

  2. Insert the password provided when creating the API Key.

  3. Callback: Insert the URL of a service that is notified by a post notification with the session data when the session has been validated.

Info

If this is your first template, the creation of an API Key will appear instead. Jump to the tutorial on creating an API Key.

Example

2. Create an API Key

...

If you don’t have an API Key yet, you’ll have to create one to test your Template. The following steps show you how to create a new API Key.

On the left menu, click on API Keys.

Image Added

Click on New API Key and set the basic configuration:

  • API Key Name: Choose an identifier for your API Key

  • DID: Select the DID associated with the new API Key. This will determine which administrators can access this API Key (only those with permission to manage the corresponding DID).

  • SSI Operations: Select the credential issuance template you want to associate with this API Key from the SSI Operations dropdown.

...

Image Added

You will be presented with the ID and password of the API Key created.

Image Added
Panel
bgColor#F4F5F7

Make sure to store the API key password in a secure place. Once you close this tab, you will not be able to retrieve the password, you will only be able to

...

regenerate a new password. Learn how to regenerate a password here.

Anchor
Step3-Test-Issuance
Step3-Test-Issuance
3. Test it

...

Step 1: Associate an API Key to your Issuance Template

Navigate to Issuance templates on the left menu. Find the desired Issuance template you want to test, click on the three dots

...

, and then click Edit.

...

Image Added

Once the issuance template opens, click on Add to API Key on the top right

...

.

...

Image Added

Fill up the API Key information:

  1. Select API Key: Select an API Key you want to associate with the new template created.

  2. Password: Insert the password provided when creating the API Key. If you lost your password, you could regenerate a new password from the API Keys menu.

  3. Callback: This field is optional and not needed for testing purposes. Insert the URL of a service that is notified by a post notification with the session data when the session has been validated.

...

Image Added

Step 2: Link your wallet to your Sandbox

You need to link your Wallet with your Sandbox to test your Issuance Template and issue this credential into your Wallet. If you have not yet linked your Wallet with your Sandbox, click the Scan Now button to access the QR Code to join your

...

Sandbox. The

...

Sandbox will allow you to perform private and secure tests of the platform

...

.

Panel
bgColor#F4F5F7

You can skip to Step 3 (Generate a Testing QR) if you already linked your Wallet with your Sandbox

Image Added

Scan the QR code with your Wallet.

Image Added

You will see confirmation in your Wallet if the connexion with your

...

Sandbox has been successful

...

.

Image Added

Anchor
Step3-Issuance-TestQR
Step3-Issuance-TestQR
Step 3: Generate a testing QR

Now click on Generating test and scan the QR code generated to start testing.

...

Image Added

Scan the QR code

...

with your Wallet.

...

Image Added

Your Wallet will then ask

...

you to share the requested credentials.

...

Once you’ve given your consent, you will receive a notification that you’re credential needs to be verified first.

...

Click on consent.

Step 4: Manually issue your credential

As an organization, you have the option to make the issuance process automatic by means of internal integrations.

Panel
bgColor#F4F5F7

Jump to the tutorial on how to integrate SSI with your applications

Alternatively, you may issue a credential by filling up the information manually. This manual issuance is intended to facilitate testing of your issuance templates without the need to execute internal integrations.

To test a credential issuance template

...

When deciding to issue a credential when testing, you will need to fill in the information relative to this credential. This user data validation will depend on the type of credential to be issued.

Once the data is filled, click submit.

...

or to manually issue a credential, navigate to the Pending tab in the Credential Activity menu. Here you will see the list of credential issuance requests that users have done using one of your Issuance templates.

Image Added

Approving a request and issuing the credential

Rejecting a request

  1. Click on the green tick icon ✅

  2. Manually fill up the form with the claims associated to this user → For examples of credential schemas in JSON format refer to Verifiable Credentials - JSON Examples

  3. Click Submit button

Note: issued credentials will appear in the Issued tab.

  1. Click on the red cross icon (error)


The credential will now appear under Issued Credentials and in your Wallet.

Image Added
Image Added

The credential will now appear under Issued Credentials and in your Wallet.

...

Image Added
Image Added