Skip to main content
European CommissionEBSI European Blockchain
Get Help

Issue VC to Onboard

The verifiable authorisation to onboard is a verifiable credential that can be issued only by a Trusted Issuer registered in EBSI, and it allows the subject to register a DID Document in the DID Registry.

Load the issuer

Load the keys of the Trusted Issuer:

Command
==> using user ES256K did1 <ISSUER_PRIVATE_KEY_ES256K> <ISSUER_DID>
==> using user ES256 did1 <ISSUER_PRIVATE_KEY_ES256> <ISSUER_DID>

Before issuing the credential, run the following commands to set the user accreditation URL and accreditation ID.

Command
==> set user.accreditationUrl ACCREDITATION_URL
==> set user.accreditationId ACCREDITATION_ID
info

ACCREDITATION_URL is the link (located in the Trusted Issuers Registry) to the credential that authorises the entity to issue other credentials.

ACCREDITATION_ID is the terminal segment of the URL, only the identifier.

Now connect the wallet with the pilot environment:

Command
==> env pilot

Define VC payload

Create a JSON file with this payload and fill it accordingly:

{
  "@context": ["https://www.w3.org/2018/credentials/v1"],
  "type": [
    "VerifiableCredential",
    "VerifiableAttestation",
    "VerifiableAuthorisationToOnboard"
  ],
  "issuer": "did:ebsi:zZeKyEJfUTGwajhNyNX928z",
  "credentialSubject": {
    "id": "did:ebsi:zzcJJuM4Z4AUKdL8kdMEKNw",
    "accreditedFor": []
  },
  "termsOfUse": {
    "id": "https://api-pilot.ebsi.eu/trusted-issuers-registry/v4/issuers/did:ebsi:zZeKyEJfUTGwajhNyNX928z/14bd0d26f3b05d825b91cede8b31068f4d3a3dfda7673e7d36ecfe9f9d402509",
    "type": "IssuanceCertificate"
  },
  "credentialSchema": {
    "id": "https://api-pilot.ebsi.eu/trusted-schemas-registry/v2/schemas/z3MgUFUkb722uq4x3dv5yAJmnNmzDFeK5UC8x83QoeLJM",
    "type": "FullJsonSchemaValidator2021"
  }
}

Now import it in the CLI tool:

Command
==> payloadVcOnboard: load path-to-file.json

Create and sign the VC

Finally, use this payload to create and sign the VC:

Command
==> compute createVcJwt payloadVcOnboard {} ES256

Please note that this credential is signed with the ES256 key, not the ES256K key.

Congratulations!

You have issued a verifiable credential to onboard. Now you can share the credential with the legal entity to be able to register the DID.

Script to issue a VC to onboard

The CLI tool is equipped with a script to simplify the process to issue a VerifiableAuthorisationToOnboard. First, setup your wallet and then run:

Command
==> run issueVcOnboard DID_SUBJECT