Skip to main content

Overview

The credentials client manages W3C Verifiable Credentials and SD-JWT selective disclosures. Retrieve individual credentials, list with filters, verify credential JWTs, and create selective-disclosure presentations. Access the credentials client via client.credentials.

Get

Retrieve a single Verifiable Credential by its ID. 
from grantex import Grantex

with Grantex(api_key="gx_live_...") as client:
    vc = client.credentials.get("vc_01HXYZ...")

    print(f"ID: {vc.id}")
    print(f"Type: {vc.type}")
    print(f"Issuer: {vc.issuer}")
    print(f"Subject: {vc.subject}")
    print(f"Status: {vc.status}")
    print(f"Issued: {vc.issuance_date}")

Parameters

ParameterTypeRequiredDescription
credential_idstrYesThe unique credential identifier.

VerifiableCredential

FieldTypeDescription
idstrUnique credential identifier.
typetuple[str, ...]Credential types (always includes 'VerifiableCredential').
issuerstrDID of the credential issuer.
subjectstrDID of the credential subject (the holder).
issuance_datestrISO 8601 timestamp when the credential was issued.
expiration_datestr | NoneISO 8601 expiration timestamp, or None if no expiry.
statusstrCurrent status: 'active', 'revoked', or 'expired'.
jwtstrThe credential in compact JWT format.
claimsdict[str, Any]The credential subject claims.

List

List Verifiable Credentials with optional filters. 
from grantex import Grantex, ListCredentialsParams

with Grantex(api_key="gx_live_...") as client:
    result = client.credentials.list(ListCredentialsParams(
        principal_id="user_abc123",
        type="IdentityCredential",
        status="active",
        page=1,
        page_size=20,
    ))

    print(f"Total: {result.total}")
    for vc in result.credentials:
        print(f"  {vc.id}: {vc.type}")

ListCredentialsParams

ParameterTypeRequiredDescription
principal_idstr | NoneNoFilter credentials by principal (subject) ID.
typestr | NoneNoFilter by credential type (e.g., 'IdentityCredential').
statusstr | NoneNoFilter by status: 'active', 'revoked', 'expired'.
pageint | NoneNoPage number for pagination (default: 1).
page_sizeint | NoneNoResults per page (default: 20, max: 100).

ListCredentialsResponse

FieldTypeDescription
credentialslist[VerifiableCredential]List of Verifiable Credential objects.
totalintTotal number of matching credentials.

Verify

Verify a Verifiable Credential JWT. Checks signature, expiration, revocation status, and issuer trust chain. 
from grantex import Grantex

with Grantex(api_key="gx_live_...") as client:
    result = client.credentials.verify("eyJhbGciOiJFUzI1NiIs...")

    if result.valid:
        print(f"Issuer: {result.issuer}")
        print(f"Subject: {result.subject}")
        print(f"Claims: {result.claims}")
        print(f"Expires at: {result.expires_at}")
    else:
        print(f"Invalid: {result.reason}")

Parameters

ParameterTypeRequiredDescription
vc_jwtstrYesThe Verifiable Credential in compact JWT format.

VerifyCredentialResponse

FieldTypeDescription
validboolWhether the credential is valid.
issuerstr | NoneDID of the issuer (present when valid).
subjectstr | NoneDID of the subject (present when valid).
claimsdict[str, Any] | NoneCredential subject claims (present when valid).
expires_atstr | NoneISO 8601 expiration timestamp.
reasonstr | NoneReason for invalidity: 'expired', 'revoked', 'invalid_signature', 'untrusted_issuer'.

Present

Create a selective-disclosure presentation from an SD-JWT. Only the specified claims are disclosed. 
from grantex import Grantex, PresentCredentialParams

with Grantex(api_key="gx_live_...") as client:
    presentation = client.credentials.present(PresentCredentialParams(
        sd_jwt="eyJ0eXAiOiJ2YytzZC1qd3QiLC...",
        disclosed_claims=["name", "email"],
        audience="did:web:verifier.example.com",
        nonce="unique-request-nonce",
    ))

    print(f"Presentation JWT: {presentation.presentation_jwt}")
    print(f"Disclosed: {presentation.disclosed_claims}")
    print(f"Holder binding: {presentation.holder_binding}")

PresentCredentialParams

ParameterTypeRequiredDescription
sd_jwtstrYesThe SD-JWT credential to create a presentation from.
disclosed_claimslist[str]YesClaim names to disclose. All others remain hidden.
audiencestr | NoneNoIntended verifier DID or URL for the holder binding.
noncestr | NoneNoNonce for replay protection in the holder binding.

PresentCredentialResponse

FieldTypeDescription
presentation_jwtstrThe SD-JWT presentation containing only the disclosed claims.
disclosed_claimslist[str]The claim names that were disclosed.
holder_bindingstrThe key binding JWT proving holder possession.

Example: Credential Lifecycle

from grantex import Grantex, ListCredentialsParams, PresentCredentialParams

with Grantex(api_key="gx_live_...") as client:
    # List active credentials for a user
    result = client.credentials.list(ListCredentialsParams(
        principal_id="user_abc123",
        status="active",
    ))

    # Verify a specific credential
    vc = result.credentials[0]
    verification = client.credentials.verify(vc.jwt)
    if not verification.valid:
        raise ValueError(f"Credential invalid: {verification.reason}")

    # Create a selective-disclosure presentation
    presentation = client.credentials.present(PresentCredentialParams(
        sd_jwt=vc.jwt,
        disclosed_claims=["name", "email"],
        audience="did:web:verifier.example.com",
        nonce="unique-request-nonce",
    ))

    # Send presentation.presentation_jwt to the verifier
    print(f"Presentation ready: {len(presentation.disclosed_claims)} claims disclosed")