The verifiable authorisation to onboard is a verifiable credential that can be issued only by a Trusted Issuer registered in EBSI, and it allows the subject to register a DID Document in the DID Registry.
Load the issuer
Load the keys of the Trusted Issuer:
==> using user ES256K did1 <ISSUER_PRIVATE_KEY_ES256K> <ISSUER_DID>
==> using user ES256 did1 <ISSUER_PRIVATE_KEY_ES256> <ISSUER_DID>
Before issuing the credential, run the following commands to set the user accreditation URL and accreditation ID.
==> set user.accreditationUrl ACCREDITATION_URL
ACCREDITATION_URL is the link (located in the Trusted Issuers Registry) to the credential that authorises the entity to issue other credentials.
Now connect the wallet with the pilot environment:
==> env pilot
Define VC payload
Create a JSON file with this payload and fill it accordingly:
{
"@context": ["https://www.w3.org/2018/credentials/v1"],
"type": [
"VerifiableCredential",
"VerifiableAttestation",
"VerifiableAuthorisationToOnboard"
],
"issuer": "did:ebsi:zZeKyEJfUTGwajhNyNX928z",
"credentialSubject": {
"id": "did:ebsi:zzcJJuM4Z4AUKdL8kdMEKNw",
"accreditedFor": []
},
"termsOfUse": {
"id": "https://api-pilot.ebsi.eu/trusted-issuers-registry/v5/issuers/did:ebsi:zZeKyEJfUTGwajhNyNX928z/attributes/cf89e47e260eda53bb199096ca97347790c84d2c8a5f2ce3f411eaba14d0003e",
"type": "IssuanceCertificate"
},
"credentialSchema": {
"id": "https://api-pilot.ebsi.eu/trusted-schemas-registry/v3/schemas/z3MgUFUkb722uq4x3dv5yAJmnNmzDFeK5UC8x83QoeLJM",
"type": "FullJsonSchemaValidator2021"
}
}
Now import it in the CLI tool:
==> payloadVcOnboard: load path-to-file.json
Create and sign the VC
Finally, use this payload to create and sign the VC:
==> compute createVcJwt payloadVcOnboard {} ES256
Please note that this credential is signed with the ES256 key, not the ES256K key.
You have issued a verifiable credential to onboard. Now you can share the credential with the legal entity to be able to register the DID.
Script to issue a VC to onboard
The CLI tool is equipped with a script to simplify the process to issue a VerifiableAuthorisationToOnboard
. First, setup your wallet and then run:
==> run issueVcOnboard DID_SUBJECT