Skip to main content
API Preview
Developers

REST API/Credentials

Credentials

W3C Verifiable Credential issuance, verification, and revocation.

7 endpoints

Endpoints

MethodPathAuth
GET/credentials/

List credentials

JWT
GET/credentials/.well-known/alter-keys.json

Public JWKS endpoint

Public
GET/credentials/{credential_id}

Get credential detail

JWT
POST/credentials/{credential_id}/revoke

Revoke a credential

JWT
GET/credentials/{credential_id}/verify

Verify a credential

Public
POST/credentials/issue

Issue a verifiable credential

JWT
GET/credentials/verify

Verify attestation token

Public

Endpoint Details

POST /credentials/issue

POST/credentials/issueJWT

Issue a new W3C Verifiable Credential for the current member. Platform admins may issue for any member; members can only issue self-attested credentials.

Request Example

json
{
  "credential_type": "trait_attestation",
  "attestation_tier": "self_attested",
  "claims": {
    "archetype_family": "Architect",
    "trait_coverage": 0.85
  },
  "expiry_days": 365
}

GET /credentials/

GET/credentials/JWT

List credentials for the current user. Cursor-paginated with optional status and type filters.

Query Parameters

NameTypeDescription
statusstringFilter by status (active, revoked, expired)
credential_typestringFilter by credential type
limitintegerPage size (max 100)
cursorstringPagination cursor

GET /credentials/{credential_id}

GET/credentials/{credential_id}JWT

Returns the full credential detail. Members see own; admins see all.

Path Parameters

NameTypeDescription
credential_id*stringCredential UUID

GET /credentials/{credential_id}/verify

GET/credentials/{credential_id}/verifyPublic

Public verification endpoint - verifies JWT signature, checks expiration and revocation status. No authentication required.

Path Parameters

NameTypeDescription
credential_id*stringCredential UUID

GET /credentials/verify

GET/credentials/verifyPublic

Stateless verification of compact attestation JWTs. Verifies the ES256 signature cryptographically without requiring the credential to exist in the database. Free and public.

Query Parameters

NameTypeDescription
token*stringCompact attestation JWT to verify
check_revocationbooleanWhether to check revocation status (default true)

POST /credentials/{credential_id}/revoke

POST/credentials/{credential_id}/revokeJWT

Revoke a credential. Only the owning member or a platform admin can revoke.

Path Parameters

NameTypeDescription
credential_id*stringCredential UUID

Request Example

json
{
  "reason": "Data no longer accurate"
}

GET /credentials/.well-known/alter-keys.json

GET/credentials/.well-known/alter-keys.jsonPublic

Returns the platform's ES256 public key in JWKS format for independent verification of compact attestation tokens.