Skip to main content

Register your accreditation in the Trusted Issuers Registry

This section will guide you on how to register your DID in the EBSI Issuers Registry (TIR) as the final step to becoming operational as a Trusted Issuer (TI).

The Trusted Issuers Registry (TIR) is a registry containing a list of Legal Entities that are authorised to issue certain types of credentials. After you have received the Verifiable Accreditation to Attest, you must complete the invitation by registering the credential into the Trusted Issuers Registry. The following steps will guide you through this process.

info

Consult the Trusted Issuer Registry API page for API instructions on how to register your DID on the TIR.

Step 1. Request Verifiable Accreditation To Attest

To receive an invitation from the EBSI Credential Issuer, you must first request a VerifiableAccreditationToAttest Verifiable Credential.

The Credential Issuer will then invite you to join the Trust Chain, reserving a location and issuing the VerifiableAccreditationToAttest for that specific location.

Step 2. Obtain tir_invite access token from the Authorisation API to write into the Trusted Issuers Registry

To request a tir_invite access token, you need to present proof of ownership of your Verifiable Accreditation to Attest to the EBSI Authorisation API.

API CALL

Follow this sequence of API calls to request a tir_invite access token:

  • GET Presentation definition: Begin by fetching the presentation definition for the tir_invite scope.
  • POST Token Endpoint: Create and submit a presentation according to the fetched definition that contains proof of ownership of your Verifiable Accreditation to Attest

For further details, please consult our 'How to obtain an access token' guide.

Upon successful submission, the EBSI Authorisation API will issue a short-lived, OAuth 2.0 compatible tir_invite access token.

Step 3. Register your Verifiable Accreditation to Attest

The invitation is accepted by registering your Verifiable Accreditation to Attest into the Trusted Issuers Registry.

The Verifiable Authorisation has a reservedAttributeId that defines the location where the authorisation must be registered into. You should build a setAttributeData transaction with attributeId from reservedAttributeId.

API CALL

The following endpoint must be used to register your Verifiable Accreditation to Attest into the TIR:

Upon successful submission, your wallet will receive an HTTP 200 transaction from the EBSI TIR Service to be signed. Once the transaction is signed, it is ready to be returned using the sendSignedTransaction method, which will broadcast the transaction to the ledger. In return, you will receive the transaction hash.

You can get the receipt of the transaction by calling the eth_getTransactionReceipt method of Ledger API's Besu endpoint.

Receipts for pending transactions are not available, therefore you will have to wait until the transaction has been processed � usually a few seconds. We recommend you to poll the eth_getTransactionReceipt method until the receipt is available.

Once the receipt is available, you can check the status field to know if the transaction succeeded (0x1) or failed (0x0). If the transaction failed, the revertReason field will give you insights about the reason for the failure. You can learn more about the format of the revert reason in Besu's documentation.

API CALL

The following endpoint must be used to send a signed transaction:

The following endpoint must be used to check the status of the transaction:

After the transaction has been completed, you are officially onboarded as a TI. Congratulations! ??

Learn more about it