Issue Credentials
This section explains how to issue verifiable credentials using Skippy's platform. Credential issuance is the process of creating and delivering digital credentials to recipients through a secure, standardized workflow.
Understanding the Issuance Workflow
The credential issuance process follows the OpenID for Verifiable Credential Issuance (OpenID4VCI) specification, which defines a standardized flow between issuers and holders.
What is a Credential Offer?
A credential offer is an invitation sent to a recipient to claim a verifiable credential. Think of it as a secure ticket that allows someone to receive a credential you've prepared for them.
How Offers Work
- You create the offer - When you issue a credential, Skippy generates a unique credential offer URI
- Offer is delivered - The offer URI is sent to the recipient via email, link, or QR code
- Recipient retrieves it - The holder opens the offer link in their compatible wallet
- Authentication happens - The wallet uses a pre-authorized code to prove it should receive this credential
- Credential is claimed - The wallet requests and receives the signed credential
Offer URI Format
openid-credential-offer://?credential_offer_uri=https://api.skippy.id/...
This URI contains all the information the holder's wallet needs to claim the credential, including:
- The issuer's endpoint
- The credential configuration
- A pre-authorized code for authentication
When is the Credential Actually Issued?
The credential is not issued when you create the offer. Instead, it's issued when:
- The holder's wallet retrieves the offer
- The wallet obtains an access token using the pre-authorized code
- The wallet requests the credential with proper authentication
- Skippy signs and delivers the credential to the wallet
This means the credential is issued on-demand when the holder claims it, not when you create the offer. This approach:
- Ensures the holder's wallet securely stores the credential
- Allows the holder to control when they receive credentials
- Enables holder binding (linking the credential to the holder's DID)
The Complete Issuance Flow
Step 1: Create Credential Offer (Issuer)
- Select template and enter recipient's email address
- Fill in credential attributes and generate offer URI
Step 2: Retrieve Offer (Holder)
- Receive offer via email/link/QR code
- Open in wallet and review credential details
Step 3: Issue Access Token (Issuer)
- Validate pre-authorization code from wallet
- Generate and return access token
Step 4: Receive Credential Request (Issuer)
- Receive request and validate access token
- Verify holder binding information (DID/key)
Step 5: Issue Credential (Issuer → Holder)
- Create and sign verifiable credential with issuer DID
- Deliver to holder's wallet for secure storage
Prerequisites
Before you can issue credentials, you need:
- A Project - Organize your credentials and manage issuer DIDs
- A Credential Template - Define the structure, attributes, and validation rules
- Recipient Information - Email address for delivering the credential offer
Issuance States
Throughout the issuance process, credentials move through several states:
- Offer Created - Initial offer generated
- Offer Retrieved - Holder opened the offer
- Access Token Requested - Wallet requested authentication
- Access Token Created - Wallet is authorized
- Credential Requested - Wallet requested the credential
- Completed - Credential successfully issued and delivered
- Error - Something went wrong in the process
Learn more about issuance states →
Next Steps
Issue Your First Credential
Follow our step-by-step guide to issue your first credential.
Batch Issuance
Issue multiple credentials efficiently using CSV upload.