Verifiable credentials (or VCs) are a standard format for the digital representation of credentials (documents that collect attributes about a subject) that are cryptographically secure, verifiable through machines, and that guarantee privacy by enabling methods such as minimum disclosure.
With Gataca Studio you can create, validate, and digitally sign identity credentials according to W3C standards for global interoperability. To ensure credentials are shared and interpreted correctly, each of these credentials requires a template, the specific configuration of an issuance process.
You can easily create credential issuance templates to be implemented in your website and enjoy the flexibility of choosing the type of issued credential, the information it will contain, how users will be identified before the issuance happens, and other security features.
Below you can see the step-by-step tutorial on how to issue your first credential.
1. Create an Issuance Template
The issuance template is used to verify user information for the issuance of credentials.
When accessing Gataca Studio, you can create a new issuance template from the main dashboard or click "New issuance" in the issuance templates section.
Basic configuration
Issuance ID - Name the issuance template
The first step is to select your issuance template name (Issuance template identifier).
This name will be associated with the issuance process for users and will also serve as a reference to the credential the user is requesting when interacting with your platform.
Example:
Requester DID
By default, a DID has already been created for you (My DID). This DID can be selected for issuing your first issuance template. You can also decide to create a DID first (See the tutorial on creating DIDs).
Verifiable Credentials are associated with a specific DID as the owner or holder of that credential. In an SSI ecosystem, Issuers, Users, and Verifiers are all represented by one or more DIDs. As an issuer, you will have to select the DID you want to associate with this credential.
Example:
Issuance
Credential Types - How to select the credential type to be issued?
All verifiable credentials must declare their type in their template. The credential type distinguishes a verifiable credentials structure from other credentials, and it ensures interoperability between issuers and verifiers.
Gataca Studio covers a great number of credential types. Nevertheless, new credential types will be added soon.
Depending on the service you provide, select the most appropriate one.
Example:
Credential Attributes - What credential attributes should be included?
Credential attributes store and contain information about the identity and authorization capability of the subject of the credential.
Select which attributes or information will be contained in the credential that you will be issuing.
Example:
Requirements
Add credentials claims - What credentials should I request from the user?
Establish the data you will be requesting from your users in order to issue the credential.
This data must be necessary for you to verify your user before issuing the credential.
Scroll the list and tick those credentials you want to select, or use the search bar on top.
Example:
How to select required credentials and optional credentials
Required credentials mean that the information is critical to fulfilling the credential issuance. Any other nice-to-have information should be marked as optional.
From the list of credentials that you will be requesting, select those that will be required or will remain optional.
Example:
Constraints
Credential trust level - How to determine which credentials are trusted?
In this section, you will determine the level of trust you require from the requested credentials.
Example:
Credential data agreement - How to select the credential purpose
In this section, you will determine the reason why you are requesting the previously established credentials from your users. This will be shown to your users.
Example:
Security configuration
Security mechanisms that provide extra security features, such as 2FA via biometrics, OTPs, or in-app authentication.
The available security methods will depend on your subscription.
Successful configuration
How to add an issuance template to an API key
An API Key is a unique identifier and authentication key providing access to specific issuance and/or verification templates to your applications calling the Gataca Studio APIs.
Once you reach the end of creating an issuance template, you can select to add this template to an API Key.
When clicking on “Add to API Key“ a list of the available API keys for your templates will appear.
Select the API Key you want to associate with the new template created.
Insert the password provided when creating the API Key.
Callback: Insert the URL of a service that is notified by a post notification with the session data when the session has been validated.
If this is your first template, the creation of an API Key will appear instead. Jump to the tutorial on creating an API Key.
Example
2. Create an API Key
On the API Keys section, click on “New API Key” and set the basic configuration:
API Key Name
Select the DID associated with the new API Key
Select the credential issuance template you want to associate with this API Key from the SSI Operations dropdown.
You will be presented with the ID and password of the API Key created.
Make sure to store the API key password in a secure place. Once you close this tab, you will not be able to retrieve the password, you will only be able to access the API Key ID in the API keys list.
3. Connect Wallet to Sandbox
The sandbox will allow you to perform private and secure tests of the platform.
You can access your Sandbox from the dashboard. Scan the QR provided with your wallet, and you’ll be in.
4. Test it
Once you reach the end of creating an issuance template, you can select to add this template to an API Key. Alternatively, on the issuance templates list, click on the three dots next to the issuance template you would like to test and select “Edit”.
Once the issuance template opens, on the top right, click on “Try it“.
Select the API Key you want to associate with the new template created.
Insert the password provided when creating the API Key.
Callback: Insert the URL of a service that is notified by a post notification with the session data when the session has been validated.
If you haven't joined your Sandbox, click the “Scan Now” button to access the QR Code and scan it with your wallet to test your configurations.
5. Integrate SSI with your application