Skip to main content
European CommissionEBSI European Blockchain
Get Help

Issue VC to Onboard

The verifiable authorisation to onboard is a verifiable credential that can be issued only by a Trusted Issuer registered in EBSI, and it allows the subject to register a DID Document in the DID Registry.

Load the issuer

Load the keys of the Trusted Issuer:

Command
==> using user ES256K did1 <ISSUER_PRIVATE_KEY_ES256K> <ISSUER_DID>
==> using user ES256 did1 <ISSUER_PRIVATE_KEY_ES256> <ISSUER_DID>

Before issuing the credential, run the following commands to set the user accreditation URL and accreditation ID.

Command
==> set user.accreditationUrl ACCREDITATION_URL
info

ACCREDITATION_URL is the link (located in the Trusted Issuers Registry) to the credential that authorises the entity to issue other credentials.

Now connect the wallet with the pilot environment and switch to the upcoming APIs:

Command
==> env pilot
==> version upcoming

Define VC payload

Create a JSON file with this payload and fill it accordingly:

{
  "@context": ["https://www.w3.org/2018/credentials/v1"],
  "type": [
    "VerifiableCredential",
    "VerifiableAttestation",
    "VerifiableAuthorisationToOnboard"
  ],
  "issuer": "did:ebsi:zZeKyEJfUTGwajhNyNX928z",
  "credentialSubject": {
    "id": "did:ebsi:zy8Psj9ez9wrsSZ7vrHE221",
    "accreditedFor": []
  },
  "termsOfUse": {
    "id": "https://api-pilot.ebsi.eu/trusted-issuers-registry/v6/issuers/did:ebsi:zZeKyEJfUTGwajhNyNX928z/attributes/cf89e47e260eda53bb199096ca97347790c84d2c8a5f2ce3f411eaba14d0003e",
    "type": "IssuanceCertificate"
  },
  "credentialSchema": {
    "id": "https://api-pilot.ebsi.eu/trusted-schemas-registry/v4/schemas/z3MgUFUkb722uq4x3dv5yAJmnNmzDFeK5UC8x83QoeLJM",
    "type": "FullJsonSchemaValidator2021"
  }
}

Now import it in the CLI tool:

Command
==> payloadVcOnboard: load path-to-file.json

Create and sign the VC

Finally, use this payload to create and sign the VC:

Command
==> compute createVcJwt payloadVcOnboard {} ES256

Please note that this credential is signed with the ES256 key, not the ES256K key.

Congratulations!

You have issued a verifiable credential to onboard. Now you can share the credential with the legal entity to be able to register the DID.

Script to issue a VC to onboard

The CLI tool is equipped with a script to simplify the process to issue a VerifiableAuthorisationToOnboard. First, setup your wallet and then run:

Command
==> run issueVcOnboard DID_SUBJECT