Credentials

Overview

The Credentials service manages W3C Verifiable Credentials and SD-JWT selective disclosures. Retrieve individual credentials, list with filters, verify credential JWTs, and create selective-disclosure presentations.

Get

Retrieve a single Verifiable Credential by its ID.

vc, err := client.Credentials.Get(ctx, "vc_01HXYZ...")
if err != nil {
    log.Fatal(err)
}
fmt.Printf("ID: %s\n", vc.ID)
fmt.Printf("Type: %v\n", vc.Type)
fmt.Printf("Issuer: %s\n", vc.Issuer)
fmt.Printf("Subject: %s\n", vc.Subject)
fmt.Printf("Status: %s\n", vc.Status)

Parameters

Parameter	Type	Required	Description
`credentialID`	`string`	Yes	The unique credential identifier.

Response (`VerifiableCredential`)

Field	Type	Description
`ID`	`string`	Unique credential identifier.
`Type`	`[]string`	Credential types (always includes `"VerifiableCredential"`).
`Issuer`	`string`	DID of the credential issuer.
`Subject`	`string`	DID of the credential subject (the holder).
`IssuanceDate`	`string`	ISO 8601 timestamp when the credential was issued.
`ExpirationDate`	`*string`	ISO 8601 expiration timestamp, or `nil` if no expiry.
`Status`	`string`	Current status: `"active"`, `"revoked"`, or `"expired"`.
`JWT`	`string`	The credential in compact JWT format.
`Claims`	`map[string]any`	The credential subject claims.

List

List Verifiable Credentials with optional filters.

result, err := client.Credentials.List(ctx, grantex.ListCredentialsParams{
    PrincipalID: grantex.String("user_abc123"),
    Type:        grantex.String("IdentityCredential"),
    Status:      grantex.String("active"),
    Page:        grantex.Int(1),
    PageSize:    grantex.Int(20),
})
if err != nil {
    log.Fatal(err)
}
fmt.Printf("Total: %d\n", result.Total)
for _, vc := range result.Credentials {
    fmt.Printf("  %s: %v\n", vc.ID, vc.Type)
}

Parameters

Parameter	Type	Required	Description
`PrincipalID`	`*string`	No	Filter credentials by principal (subject) ID.
`Type`	`*string`	No	Filter by credential type (e.g., `"IdentityCredential"`).
`Status`	`*string`	No	Filter by status: `"active"`, `"revoked"`, `"expired"`.
`Page`	`*int`	No	Page number for pagination (default: 1).
`PageSize`	`*int`	No	Results per page (default: 20, max: 100).

Response (`ListCredentialsResponse`)

Field	Type	Description
`Credentials`	`[]VerifiableCredential`	Slice of Verifiable Credential objects.
`Total`	`int`	Total number of matching credentials.

Verify

Verify a Verifiable Credential JWT. Checks signature, expiration, revocation status, and issuer trust chain.

result, err := client.Credentials.Verify(ctx, vcJWT)
if err != nil {
    log.Fatal(err)
}
if result.Valid {
    fmt.Printf("Issuer: %s\n", *result.Issuer)
    fmt.Printf("Subject: %s\n", *result.Subject)
    fmt.Printf("Claims: %v\n", result.Claims)
} else {
    fmt.Printf("Invalid: %s\n", *result.Reason)
}

Parameters

Parameter	Type	Required	Description
`vcJWT`	`string`	Yes	The Verifiable Credential in compact JWT format.

Response (`VerifyCredentialResponse`)

Field	Type	Description
`Valid`	`bool`	Whether the credential is valid.
`Issuer`	`*string`	DID of the issuer (if valid).
`Subject`	`*string`	DID of the subject (if valid).
`Claims`	`map[string]any`	Credential subject claims (if valid).
`ExpiresAt`	`*string`	ISO 8601 expiration timestamp.
`Reason`	`*string`	Reason for invalidity: `"expired"`, `"revoked"`, `"invalid_signature"`, `"untrusted_issuer"`.

Present

Create a selective-disclosure presentation from an SD-JWT. Only the specified claims are disclosed.

presentation, err := client.Credentials.Present(ctx, grantex.PresentCredentialParams{
    SDJWT:           "eyJ0eXAiOiJ2YytzZC1qd3QiLC...",
    DisclosedClaims: []string{"name", "email"},
    Audience:        grantex.String("did:web:verifier.example.com"),
    Nonce:           grantex.String("unique-request-nonce"),
})
if err != nil {
    log.Fatal(err)
}
fmt.Printf("Presentation JWT: %s\n", presentation.PresentationJWT)
fmt.Printf("Disclosed: %v\n", presentation.DisclosedClaims)

Parameters

Parameter	Type	Required	Description
`SDJWT`	`string`	Yes	The SD-JWT credential to create a presentation from.
`DisclosedClaims`	`[]string`	Yes	Claim names to disclose. All others remain hidden.
`Audience`	`*string`	No	Intended verifier DID or URL for the holder binding.
`Nonce`	`*string`	No	Nonce for replay protection in the holder binding.

Response (`PresentCredentialResponse`)

Field	Type	Description
`PresentationJWT`	`string`	The SD-JWT presentation with only the disclosed claims.
`DisclosedClaims`	`[]string`	The claim names that were disclosed.
`HolderBinding`	`string`	The key binding JWT proving holder possession.

Overview

Authorization

Resources

Reference

Overview

Get

Parameters

Response (`VerifiableCredential`)

List

Parameters

Response (`ListCredentialsResponse`)

Verify

Parameters

Response (`VerifyCredentialResponse`)

Present

Parameters

Response (`PresentCredentialResponse`)

Overview

Authorization

Resources

Reference

​Overview

​Get

​Parameters

​Response (VerifiableCredential)

​List

​Parameters

​Response (ListCredentialsResponse)

​Verify

​Parameters

​Response (VerifyCredentialResponse)

​Present

​Parameters

​Response (PresentCredentialResponse)

Overview

Get

Parameters

Response (`VerifiableCredential`)

List

Parameters

Response (`ListCredentialsResponse`)

Verify

Parameters

Response (`VerifyCredentialResponse`)

Present

Parameters

Response (`PresentCredentialResponse`)