A Credential Definition is a structured list of attributes defined in the Credential Schema. Refer to the New Dashboard Credential Schemas Page for more information about credential schemas.
Credential Definitions can be categorized into two types: self-attested and service-attested.
Self-attested means that a client fills in the information in the app to send it to a service.
Service-attested means that a credential will be created, signed, and issued to a client by the service.
After attributes have been defined in the credential schema, you need to create a credential definition.
Features
| Description | Screenshots |
---|---|---|
Create Credential Definition | To create the Credential Definition, click the “Schemas” button on the main menu. | |
Choose the schema | Click the “My schemas” tab to use a schema intended for this service only, or click on the “Public schemas” tab to use a schema made by other services. | |
Click the “Create” button next to the selected schema’s name. | ||
Trust level | Check the “Self-attested” checkbox if the data in this credential will be provided by the client personally (without previous verification by any service). Click the “Service-attested” checkbox if this credential should be signed and issued by the service. | |
| Select the one-off checkbox to have the client of a mobile application fill in the credential attributes each time an interaction requiring this credential is executed. Note that this option is only accessible for self-attested credentials. | |
Set the authorized keys and IP prefixes for incoming credential issuing webhook requests from the third-party systems. | To configure the list of authorized IP prefixes and keys for web-hook requests to this service from third-party systems, click the "Add" button next to “Configuration of an incoming credential issuing webhook“ area. Then, on the "Edit external web hook access" pop-up window, click “Allowed IP Prifix.“ Add allowed IP prefixes (e.g. 192.168), and choose the key type and authentication type from the drop-down lists. Note that the key type "SHA secret" can be used only in auth type "Bearer Token". For more information about webhook and keys, see the https://zaka.atlassian.net/wiki/spaces/PSM/pages/2044985359 and visit Integration Webhooks API Overview. | |
Change attribute metadata | The "Schema details" details have previously been saved. You can change the attribute metadata and the order of the schema attributes. |
|
Change attribute metadata | The options for changing metadata include:
Note that the attribute ”Credential Issue Date” cannot be changed. | |
Change attribute metadata (continue) | To make changes on the credential definition’s metadata, click on desired attribute and make all the necessary changes. To make changes on the created credential definition’s metadata, click on desired credential ID, and make all the necessary changes. If you add all details, click “Create“ or “Done“ to save your changes. | |
Change attribute metadata (Updating “Enum“ type attribute) | If the data type used for for the current credential attribute is “Enumerated (E-num)”, you can edit or delete it’s values. To do so, click on the attribute you want to edit, and, on the pop-up window make all the necessary changes and click “Change.“ If you add all details, click “Create” or “Done“ to save your changes. | |
Change the order of the attributes | To rearrange the order of your schema attributes, hover the mouse cursor over the attribute you want to move, click, and drag the attribute to the desired location. Release the mouse button to set the new order. | |
Save Credential Definition | If all details are correct, click “Create” for create a credential definition or “Done“ for save the changes you’ve made to this credential definition. | |
| After you have created the credential definition, please note that it cannot be deleted. |
|
Find Credential Definition | You can find all your credential definitions in the section "My Credential Definitions" of the main menu’s "Schemas" page. | |
Adjust attributes metadata after Credential Definition has been created | After saving the credential definition, the credential definition's metadata can be adjusted. Click the “Schemas” tab of the main menu, select the “My credential Definitions“ tab and choose the credential definition you want to change by clicking on it’s ID. Make all necessary changes and click “Save.“ | |
Deprecate Credential Definition | If for any reason, you don't want the particular credential definition to be visible in the list of credential definitions, you may deprecate it. Click the "Edit" icon next to the credential definition’s name and tick the "Deprecate" checkbox in the "Update Credential Definition Meta Data" page. To see ALL credential definitions in those lists again, check the "Show deprecated" checkbox on the "Schemas" page. However, if you try to edit such an interaction, the system automatically removes the credentials based on a deprecated credential definition from the interaction's settings. To avoid it, tick the checkbox "Show deprecated." |