> ## Documentation Index > Fetch the complete documentation index at: https://docs.grantex.dev/llms.txt > Use this file to discover all available pages before exploring further. # Credentials > Retrieve, verify, and present W3C Verifiable Credentials and SD-JWT selective disclosures. ## Overview The `credentials` sub-client manages W3C Verifiable Credentials and SD-JWT selective disclosures. You can retrieve individual credentials, list credentials with filters, verify credential JWTs, and create selective-disclosure presentations. ```typescript theme={null} // Get, list, verify, present const vc = await grantex.credentials.get('vc_01HXYZ...'); const all = await grantex.credentials.list({ principalId: 'user_abc123' }); const verification = await grantex.credentials.verify(vcJwt); const presentation = await grantex.credentials.present({ sdJwt, disclosedClaims: ['name', 'email'] }); ``` *** ## credentials.get() Retrieve a single Verifiable Credential by its ID. ```typescript theme={null} const vc = await grantex.credentials.get('vc_01HXYZ...'); console.log(vc.id); // 'vc_01HXYZ...' console.log(vc.type); // ['VerifiableCredential', 'IdentityCredential'] console.log(vc.issuer); // 'did:web:grantex.dev' console.log(vc.subject); // 'did:grantex:user_abc123' console.log(vc.issuanceDate); // '2026-03-01T00:00:00Z' console.log(vc.status); // 'active' console.log(vc.jwt); // compact JWT string ``` ### Parameters The unique credential identifier. ### Response: `VerifiableCredential` Unique credential identifier. Credential types (always includes `'VerifiableCredential'`). DID of the credential issuer. DID of the credential subject (the holder). ISO 8601 timestamp when the credential was issued. ISO 8601 timestamp when the credential expires, or `null` if it does not expire. Current status: `'active'`, `'revoked'`, or `'expired'`. The credential in compact JWT format. The credential subject claims (key-value pairs). *** ## credentials.list() List Verifiable Credentials with optional filters. ```typescript theme={null} const result = await grantex.credentials.list({ principalId: 'user_abc123', type: 'IdentityCredential', status: 'active', page: 1, pageSize: 20, }); console.log(result.credentials.length); // 3 console.log(result.total); // 3 for (const vc of result.credentials) { console.log(vc.id, vc.type); } ``` ### Parameters Filter credentials by principal (subject) ID. Filter by credential type (e.g., `'IdentityCredential'`, `'EmploymentCredential'`). Filter by credential status. Page number for pagination (default: 1). Number of results per page (default: 20, max: 100). ### Response: `ListCredentialsResponse` Array of Verifiable Credential objects. Total number of matching credentials. *** ## credentials.verify() Verify a Verifiable Credential JWT. Checks the signature, expiration, revocation status, and issuer trust chain. ```typescript theme={null} const result = await grantex.credentials.verify(vcJwt); if (result.valid) { console.log(result.issuer); // 'did:web:grantex.dev' console.log(result.subject); // 'did:grantex:user_abc123' console.log(result.claims); // { name: 'Alice', email: 'alice@example.com' } console.log(result.expiresAt); // '2027-03-01T00:00:00Z' } else { console.log(result.reason); // 'expired' | 'revoked' | 'invalid_signature' } ``` ### Parameters The Verifiable Credential in compact JWT format. ### Response: `VerifyCredentialResponse` Whether the credential is valid. DID of the credential issuer (present when valid). DID of the credential subject (present when valid). The credential subject claims (present when valid). ISO 8601 expiration timestamp, or `null` if the credential does not expire. Reason for invalidity (present when `valid` is `false`): `'expired'`, `'revoked'`, `'invalid_signature'`, or `'untrusted_issuer'`. *** ## credentials.present() Create a selective-disclosure presentation from an SD-JWT. Only the specified claims are disclosed in the resulting presentation JWT. ```typescript theme={null} const presentation = await grantex.credentials.present({ sdJwt: 'eyJ0eXAiOiJ2YytzZC1qd3QiLC...', disclosedClaims: ['name', 'email'], }); console.log(presentation.presentationJwt); // compact JWT with selective disclosures console.log(presentation.disclosedClaims); // ['name', 'email'] console.log(presentation.holderBinding); // key binding JWT ``` ### Parameters The SD-JWT credential to create a presentation from. List of claim names to disclose in the presentation. All other claims remain hidden. The intended verifier DID or URL. Included in the holder binding JWT if provided. A nonce value for replay protection in the holder binding. ### Response: `PresentCredentialResponse` The SD-JWT presentation containing only the disclosed claims. The claim names that were disclosed. The key binding JWT proving the holder's possession of the credential. *** ## Full example ```typescript theme={null} import { Grantex } from '@grantex/sdk'; const grantex = new Grantex({ apiKey: process.env.GRANTEX_API_KEY }); // List active credentials for a user const { credentials } = await grantex.credentials.list({ principalId: 'user_abc123', status: 'active', }); // Verify a specific credential const vc = credentials[0]; const verification = await grantex.credentials.verify(vc.jwt); if (!verification.valid) { throw new Error(`Credential invalid: ${verification.reason}`); } // Create a selective-disclosure presentation for a verifier const presentation = await grantex.credentials.present({ sdJwt: vc.jwt, disclosedClaims: ['name', 'email'], audience: 'did:web:verifier.example.com', nonce: 'unique-request-nonce', }); // Send presentation.presentationJwt to the verifier ```