You can configure a credential issuance process in a way where a client (mobile app user) is required to share specific credentials before being issued a new credential.
For example, a school can require a student to share their certificate of completion of a particular course before issuing them a credential that allows them to continue their education. So, the student has to meet the requirements before being issued the new credential.
Select Required credentials
To select the credentials the client (mobile app user) needs to share to complete this interaction, click the “Select” button next to the “Required credential definitions” field. This will open the “Required credentials” pop-up window.
Please note that If the trust level of the credential definition created by this service based on a particular schema is "self-attested," selecting the required credential based on the same schema is not possible.
Selecting Required credentials from the “Credential definitions” or “Schemas list”
The required credentials can be selected from either the list of "Credential Definitions" or the list of "Schemas."
If you choose "Schemas," your clients will have the option to share any credential created by any service based on that schema.
If you choose a specific credential definition, your clients will share with you the credential issued by one particular service based on that specified credential definition.
To set up the credentials that are required to be shared before issuing a credential, click on "Select" button in the "Required credential definitions" section on the "Add/Edit Interaction" page.
On the new pop-up window, choose either "Credential definitions" or "Schemas."
Find the name of the service that provides the required credential, select the credential definition/schema, and then choose the version of the schema based on which the required credential needs to be issued.
After selecting the credential definition/schema, the details of the selected option will appear on the right side of the current pop-up window.
Notification ID required credential
We recommend requesting the “Notification ID” (the credential provided by the ProofSpace ID service) on the initial interaction with every client. This will enable push notifications from the service.
Saving a required credentials list
When you have added all the required credentials, click on the "OK" button located in the bottom right corner of the current pop-up window.
Configuring selected Required credentials
Click on the selected required credential from the list.
This will allow you to specify the selective disclosure and zero-knowledge predicates.
Note that Atala PRISM credentials cannot be issued with configured zero-knowledge predicates and selective disclosure.
Selecting attributes to be disclosed
Claim last credential
The “Edit required credential” pop-up window will appear.
In this window, select the attributes you want to disclose from the “Attributes” list. If no attributes are selected, all attributes will be disclosed.
Select the "Claim last credential" checkbox to prompt for the most recent available client credential if they have multiple credentials of the same type.
Fill in an attribute by scanning QR code
Check the "Pre-filled from interaction QR code" checkbox to allow the client to scan a QR code and automatically fill in the attributes of the self-attested credential definition. This data will not be editable for your clients in the app.
Note that this option is only available for self-attested credential definitions that are set as required for interactions with initiation media "QR". Also, this feature requires the "SSI OAuth" feature to be activated for your service.
Add zero-knowledge predicates (ZKP)
A predicate is a logical expression that uses one or more parameters and returns a boolean result.
In other words, a predicate is an expression that determines whether something is true or false.
Predicates can only be configured on attributes with data types "Number" and "Date" for service-attested credentials.
The term "zero-knowledge" means that an interaction may not require a client to reveal the actual value of a credential attribute but instead prove the predicate upon the attribute.
For example, a client can prove that they are over 18 years old without disclosing their actual age or date of birth.
To set required proofs upon credential attributes, click on the "Predicates" tab and click the "+ Predicate" button. Select the attribute name from the drop-down list. Set up the necessary preconditions, click “Submit,“ and then click “Done“ to save the interaction.
You can edit or delete existing predicates.
Attributes used in predicates cannot be selected for disclosure.
Select Issued credentials
If you want to issue a credential to the client during this interaction, click on the "Select" button next to the "Issued credentials" field.
After clicking "Select" next to the "Issued credentials" field, the "Issued credentials" pop-up window will appear.
From there, you can choose the credential definition based on which you will issue your client the credential. Once you have selected the credential definition, detail of the selected issued credential definition will appear on the right side of the pop-up window.
Click "OK" to save the selection of the issued credential.
Edit issued credential template
Once you've selected the issued credential, you can configure the credential project by setting the rules of pre-filling attributes in it.
Click on the chosen issued credential’s name. The "Edit issued credential template" pop-up window will appear.
Pre-fill Rules for Attributes
Select the check box next to the issued credential's attribute name, the value of which should be automatically pre-filled and displayed in the issued credential.
Two additional fields will appear next to this attribute.
Selecting the source for the attribute’s pre-filled data
Select the source for the attribute’s pre-filled data from the drop-down list.
There are five different data sources to pre-fill the attribute:
If “Constant” is selected, the attribute will be pre-filled with the constant value specified in the adjacent field;
If "Parameter" is selected, an additional field will be added. Select the parameter as a value to pre-fill this attribute;
See more information in the “Parameters and instances“ section of our Knowledge base.
When selecting the “From existing credential” option, two additional fields will appear. In the first field, enter the data input source, and in the second field, specify the attribute name from which the issued project attribute will receive the pre-filled value.
If “Unique autogenerated” is selected, the pre-filled attribute value will be a unique numerical value starting from 1.
If "Random" is selected, the pre-filled attribute value will be random (depending on the attribute data type).
Attributes without pre-filled data
If the checkbox next to the attribute name is not selected, the corresponding attribute will not receive a pre-filled value. In this case, the dashboard operator will need to manually fill in the required data for this attribute.
Manual credential issuance
If the “Manual review” checkbox is not selected and pre-fill rules are set for all attributes, the credential will be issued automatically.
To issue the credential manually, select the “Manual review” checkbox.
When all the details are added on this page, click the "Submit" button.