# Notes on credential spec Kim 12/9/20
### Authentication Request
2020-12-13 23:16:30
```javascript=1
GET /covid_cred/auth HTTP/1.1
host: book.itsourweb.org:3000
client_id=https://book.itsourweb.org:3000/wallet/wallet.html
&redirect_uri=https://book.itsourweb.org:3000/wallet/wallet.html
&response_type=code
&nonce=WF2yOqdQSxGIGvEG6gL1Ww
&state=tok_ept=https%3A%2F%2Fbook.itsourweb.org%3A3000%2Fcovid_cred%2Ftoken&sub=urn%3Auuid%3Ae6920d9a-49ef-4f43-9d8e-9f7c6fcb3950
&scope=openid openid_credential
&sub=urn:uuid:e6920d9a-49ef-4f43-9d8e-9f7c6fcb3950
```
#### :memo: Line 9 - Establishing a persistent relationship between the wallet and the issuer
> Including a 'sub' establishes the crypto identifer which the credential issuer should associate with the holder. For example, a DID may be used so the holder can continue to access the issuer when her signature key changes over time
> If a sub is provided, the Credential Issuer MUST verify that this identifier is valid for the authorization dpop key used at the token and credential endpoints.
### Authentication Response
2020-12-13 23:16:36
```javascript=1
HTTP/1.1 302 Found
location: https://book.itsourweb.org:3000/wallet/wallet.html?
code=bxd4Q1J-zbkXJuRNL4qsW1fjr23K4z6xhbcfyQzL_eowx31gw3DxreRJMix7vZML
&state=tok_ept%3Dhttps%253A%252F%252Fbook.itsourweb.org%253A3000%252Fcovid_cred%252Ftoken%26sub%3Durn%253Auuid%253Ae6920d9a-49ef-4f43-9d8e-9f7c6fcb3950
access-control-allow-origin: https://book.itsourweb.org:3000
vary: Origin, Accept
content-type: text/html; charset=utf-8
content-length: 594
```
### Token Request
2020-12-13 23:16:37
```javascript=1
POST /covid_cred/token HTTP/1.1
host: book.itsourweb.org:3000
dpop: eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IlJTMjU2IiwiZSI6IkFRQUIiLCJrdHkiOiJSU0EiLCJuIjoiMGdHc1ZpNDdDWUhNZnE5d3Exel9Zanp6dXJ5UGRwOC1RSkpzMHlra2RsUkJxVXNTazVNTWZmbkZLUkQySUJXUXJ4QkFobGdjZndiWGprQ2NCOVNTdk9TWUUzY05lYjM2cTNEY1kzcVZ5RTJJdC1XTThET3FzN3BpbW52YU9la0NzOUpKYnFJYnVfampxZjVvcG0zWTB5N042UXVLVnNUeHo2VVI1d3docEZTY0ZsbEQ1SG53YWhDZi1fempqcDRfcjg1VEowUUlJcHk3THB5aDBaVndaVVZ5azcwYlY2endEbGxSc2djTTBLb1FvNmpfQkIwMzFJWERDYTRuRVYwbGU1RTRLVy1LelQ5di0xYVR4RV9FZThlYWQtX0VDNlV6ZlFoQWxPUmdFdUtrcTlFRk92U3VlZUFvV3FwekdMSk1VYWxqb2VEUkUzV1Z3YjdBSzE3UUt3In0.eyJqdGkiOiI2NEFXVFg0MjVuZnFnRHpDZUh3X3hBIiwiaHRtIjoiUE9TVCIsImh0dSI6Imh0dHBzOi8vYm9vay5pdHNvdXJ3ZWIub3JnOjMwMDAvY292aWRfY3JlZC90b2tlbiIsImlhdCI6MTYwNzkxOTM5N30.fMOpMPM_aSa459KA_Z1I51ofu64v2cxaPLw3_2EExpnz64UFd9N8u99BzI4JJYxID1Mfo1NEKUzcge9_5JqNQal7gwSaAV-0wowjpi2or9Y1hsfOson359O2HcihuRy-ATBT-L3oScFzrV2ZI3HIhnkGC-pSO9wIdmRNXD6PCdKL7SCjsAB7VITYQ5G_yBuhQEpSKLhqj_5lmJ1vN0O8YdotCiwkH40_bi-ExBsFUPBLSVhxGx8iZB6JU_EWJDA21Ai1a70aixsxxVEw5vntUZwCK6U3b7RoTXrWbFkGRipwAUh0ERh7zyJB6tmZAANVcNOqJiuKyQjV21Bb2qSvHw
content-type: application/x-www-form-urlencoded
{
"grant_type": "authorization_code",
"code": "bxd4Q1J-zbkXJuRNL4qsW1fjr23K4z6xhbcfyQzL_eowx31gw3DxreRJMix7vZML",
"redirect_uri": "/wallet/wallet.html"
}
Decoded dpop header:
{
"typ": "dpop+jwt",
"alg": "RS256",
"e": "AQAB",
"kty": "RSA",
"n": "0gGsVi47CYHMfq9wq1z_YjzzuryPdp8-QJJs0ykkdlRBqUsSk5MMffnFKRD2IBWQrxBAhlgcfwbXjkCcB9SSvOSYE3cNeb36q3DcY3qVyE2It-WM8DOqs7pimnvaOekCs9JJbqIbu_jjqf5opm3Y0y7N6QuKVsTxz6UR5wwhpFScFllD5HnwahCf-_zjjp4_r85TJ0QIIpy7Lpyh0ZVwZUVyk70bV6zwDllRsgcM0KoQo6j_BB031IXDCa4nEV0le5E4KW-KzT9v-1aTxE_Ee8ead-_EC6UzfQhAlORgEuKkq9EFOvSueeAoWqpzGLJMUaljoeDRE3WVwb7AK17QKw"
}
{
"jti": "64AWTX425nfqgDzCeHw_xA",
"htm": "POST",
"htu": "https://book.itsourweb.org:3000/covid_cred/token",
"iat": 1607919397
}
```
> Note - the dpop header demonstrates possession of the key consistent with the sub presented in the authorization request
### Token Response
2020-12-13 23:16:37
```javascript=1
HTTP/1.1 200 OK
access-control-allow-origin: *
vary: Origin
cache-control: no-store
pragma: no-cache
content-type: application/json; charset=utf-8
content-length: 1902
etag: W/"76e-UtTIShHSw3Wjj3t8fPB/5FHskVk"
{
"id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6InVybjp1dWlkOjE3MWZmNDUyLTc2NjgtNDY1NC1hODQ5LTBiNWJkMzQ0OTNhMyJ9.eyJpc3MiOiJodHRwczovL2Jvb2suaXRzb3Vyd2ViLm9yZzozMDAwL2NvdmlkX2NyZWQiLCJhdWQiOiJodHRwczovL2Jvb2suaXRzb3Vyd2ViLm9yZzozMDAwL3dhbGxldC93YWxsZXQuaHRtbCIsImlhdCI6MTYwNzkxOTM5NywiZXhwIjoxNjA3OTE5NTE3LCJzdWIiOiJ1cm46dXVpZDplNjkyMGQ5YS00OWVmLTRmNDMtOWQ4ZS05ZjdjNmZjYjM5NTAiLCJ2Y19jb25zdGFudHMiOnsiQG9wdGlvbnMiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiLCJodHRwczovL2NvdmlkLm9yZy92MSJdLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiaHR0cHM6Ly9ib29rLml0c291cndlYi5vcmc6MzAwMC9zbWFydC1jcmVkZW50aWFsL0NvdmlkLUltbXVuaXR5VGVzdC1QVjciXSwiZGVzY3JpcHRpb24iOiJDdXJyZW50IGNvdmlkIGltbXVuaXphdGlvbiBzdGF0dXMifSwiaXNzdWVyX25hbWUiOiJUb3JvbnRvIENPVklEIFRlc3QgTGFiIiwiY2xhaW1fc291cmNlIjp7ImhvbGRlcl9zdWIiOiJ1cm46dXVpZDplNjkyMGQ5YS00OWVmLTRmNDMtOWQ4ZS05ZjdjNmZjYjM5NTAiLCJhY2Nlc3NfdG9rZW4iOiJ5OTF4ZTVJQlgycDNaSmJXQzFOTWVadlFaQS1ZZHNuQmFpYjJjbHRveFVqREFCQWNpX3pyZVp2RmlxSHlWQnR4IiwiZXhwaXJlcyI6MCwibWV0aG9kIjoicmVhbHRpbWUiLCJlbmRwb2ludCI6Imh0dHBzOi8vYm9vay5pdHNvdXJ3ZWIub3JnOjMwMDAvY292aWRfY3JlZC9jcmVkZW50aWFsIn0sInBlcnNvbmFfaW5mbyI6eyJjYXJkX3RpdGxlIjoiVG9yb250byBDT1ZJRCBUZXN0IExhYiIsInJlc291cmNlcyI6ImNhcmRfZGVzaWduIHNjb3BlX2NsYWltX21hcCB3YWxsZXRfcmVuZGVyIiwiY3JlZGVudGlhbF9kZXNjcmlwdGlvbiI6IkN1cnJlbnQgY292aWQgaW1tdW5pemF0aW9uIHN0YXR1cyIsImNyZWRlbnRpYWxfY29sb3JzIjoiIzExMjIzMyAjRkZGRkZGICM4ODk5QUEifSwibm9uY2UiOiJXRjJ5T3FkUVN4R0lHdkVHNmdMMVd3In0.D0je2p0KjM7UaTuMLLIXdiIkU258J-5frmJjgsr19k8qTwmb17lldK9u68fn0Xuvheh03-kozDqezqz7_k3xUrtvIz0iaqNAJPifyfcByO_BWjN86gMmm86acJk9dK59qxwH9xC7LbWaKRNuFN4gkBrY5sB8A2XYXCVk9R4zLrGf0JFhmA1mqLBd6qWSt0hCyFklRromgc8VB5odz-FFKeNqGConnDTZq_IAEZZRxFVEeveGJNhU3wYBTrD9Xw_Q7txfOVkddyBH6ujO9Khtd-w70XEe05EsNd7l9BiszhsxJHnjwZiUXi-1J3zipJRUQBrkOmAJwsgwODmESKCM9A",
"access_token": "y91xe5IBX2p3ZJbWC1NMeZvQZA-YdsnBaib2cltoxUjDABAci_zreZvFiqHyVBtx",
"token_type": "Bearer"
}
Decoded id_token:
{
"iss": "https://book.itsourweb.org:3000/covid_cred",
"aud": "https://book.itsourweb.org:3000/wallet/wallet.html",
"iat": 1607919397,
"exp": 1607919517,
"sub": "urn:uuid:e6920d9a-49ef-4f43-9d8e-9f7c6fcb3950",
"vc_constants": {
"@options": [
"https://www.w3.org/2018/credentials/v1",
"https://covid.org/v1"
],
"type": [
"VerifiableCredential",
"https://book.itsourweb.org:3000/smart-credential/Covid-ImmunityTest-PV7"
],
"description": "Current covid immunization status"
},
"issuer_name": "Toronto COVID Test Lab",
"claim_source": {
"holder_sub": "urn:uuid:e6920d9a-49ef-4f43-9d8e-9f7c6fcb3950",
"access_token": "y91xe5IBX2p3ZJbWC1NMeZvQZA-YdsnBaib2cltoxUjDABAci_zreZvFiqHyVBtx",
"expires": 0,
"method": "realtime",
"endpoint": "https://book.itsourweb.org:3000/covid_cred/credential"
},
"persona_info": {
"card_title": "Toronto COVID Test Lab",
"resources": "card_design scope_claim_map wallet_render",
"credential_description": "Current covid immunization status",
"credential_colors": "#112233 #FFFFFF #8899AA"
},
"nonce": "WF2yOqdQSxGIGvEG6gL1Ww"
}
```
> Note: the id_token obtained with an openid_credential scope contains the **Holder Configuration Data** the wallet requires to unambiguously represent the credential to the Holder and ensure she understands the information it releases. It also contains the data needed to match requests by relying parties to corresponding credentials and employ the credential endpoint to obtain credentials minted for specific relying parties.
### Credential Request
2020-12-13 23:17:02
> The main purpose of the credential endpoint is to return a verifiable credential minted for a specific pairwise credential sub.The credential_sub is spcified as a claim in the request, and a credential_sub_dpop is included as a header to prove the requestor controls the credential_sub and associated key.
```javascript=1
POST /covid_cred/credential HTTP/1.1
host: book.itsourweb.org:3000
authorization: Bearer y91xe5IBX2p3ZJbWC1NMeZvQZA-YdsnBaib2cltoxUjDABAci_zreZvFiqHyVBtx
content-type: application/x-www-form-urlencoded
credential_sub_dpop: eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IlJTMjU2IiwiZSI6IkFRQUIiLCJrdHkiOiJSU0EiLCJuIjoieEg5Rkd0ZTJHZGxXN2V6UWpKM2ZSYTNXeGNTMFo3Rzk4WnprOHdFRElaUVdwcUZKZEVEUmRvMUNvTzBkYUZURFhzMzQyWVZyOXpRSjNpRzBzUmlxUll2dzNKbDRtUmU4YW5aVkM4UDExQ250a3BYRlJxOWVvcW1zSnFreWtlbk83OGVGMzBRS0ZPX0dMcEJjbk05Sjh5dTdHU2ZLc1BfLW45T0wxRjhHUE4wS1RzQnAyRzVSYUdpTmtEVUZGV3RNbFhMbTlDMmJXR0tfcm04Q3A2eC16eE1Kc1JFVjY5Z0dlRVJ6RVlNYVZOb2Y3MjYzZ2k3dVNJVWVBeVp4UW0zZTNPNnpLRzhyYUZwbHNGcHJiSmhuXzBDZ1E4b1UzWW5BRjF5TWJnckk4MnRYS1FCb0p3cGV3WDlSMjljajUzSjBNOFk1a2Rxcm1wX2J1amE2dnY0bmRRIn0.eyJqdGkiOiJ2VEFQRGhRSXVjVU94c1ViczBNVzNRIiwiaHRtIjoiR0VUIiwiaHR1IjoiaHR0cHM6Ly9ib29rLml0c291cndlYi5vcmc6MzAwMC9jb3ZpZF9jcmVkL2NyZWRlbnRpYWwiLCJpYXQiOjE2MDc5MTk0MjJ9.pkOT2nmb_C4O5_F5sK8UfXDidPc2Cp9ZaoI4CJnDbh3CgRwIUIas4GGF-OKUz2IrMZQVXgf_EzNMGeHluSz33Aeyk7Bk6ODzCRa1lyaevYHYZVV47QfMQ-XO54gpxK-m86f2Qkk6BUsCJW7SRzG_HOlYGtQfg2GzVvMPnZmeyoxd85P7Skr1uYnw4hXprNhC-7GDGArlUnVKM4WGM2pwmW8OYgkIAuvesD0oajgxVmKCSSMBSlIT7YtWyD33Dgf292HEU9U6f49B5gh3nxJwLYXKUyLyYtEGGUnQjYq8YhkmamqtD5piW93rS61ee3AJseD9Id4AnHUiLTo6o19Cxg
dpop: eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IlJTMjU2IiwiZSI6IkFRQUIiLCJrdHkiOiJSU0EiLCJuIjoiMGdHc1ZpNDdDWUhNZnE5d3Exel9Zanp6dXJ5UGRwOC1RSkpzMHlra2RsUkJxVXNTazVNTWZmbkZLUkQySUJXUXJ4QkFobGdjZndiWGprQ2NCOVNTdk9TWUUzY05lYjM2cTNEY1kzcVZ5RTJJdC1XTThET3FzN3BpbW52YU9la0NzOUpKYnFJYnVfampxZjVvcG0zWTB5N042UXVLVnNUeHo2VVI1d3docEZTY0ZsbEQ1SG53YWhDZi1fempqcDRfcjg1VEowUUlJcHk3THB5aDBaVndaVVZ5azcwYlY2endEbGxSc2djTTBLb1FvNmpfQkIwMzFJWERDYTRuRVYwbGU1RTRLVy1LelQ5di0xYVR4RV9FZThlYWQtX0VDNlV6ZlFoQWxPUmdFdUtrcTlFRk92U3VlZUFvV3FwekdMSk1VYWxqb2VEUkUzV1Z3YjdBSzE3UUt3In0.eyJqdGkiOiI5S1F0bmdReHRwcGUwOGlHTzdCUTBRIiwiaHRtIjoiR0VUIiwiaHR1IjoiaHR0cHM6Ly9ib29rLml0c291cndlYi5vcmc6MzAwMC9jb3ZpZF9jcmVkL2NyZWRlbnRpYWwiLCJpYXQiOjE2MDc5MTk0MjJ9.rBAhTnzAvaJzrDKOzSkAmr4ZjOfiNhxvRlpmzBWr_zx69EO0lanBCiRxgPdp05mGw-elFKa5H7y3w_Bp7TEVre3gcv-XHGY4HyvF6fqliSUsfViI0Z0cHmwAdmLlzmp1cxS8rZkkKh_d-hmYESo4SohH2cJL0RpRL1fMAn_xmakjFB3JKDFrFZpALGG1bKo8raYvU_qBcLMB1vE7GqHB6ScbEbQdBh8bbLyPTnSrLJi7QTBhEtiSaK_ven7cOIysE4H6e6VmLX6QZUi_Z72qnUhRSrm5bK80sgeCDgMbq0AsSlbFA_9ljz54knn_scBOwLhljTDDoxGZRsfHP9uxIQ
{
"credential_sub": "urn:uuid:dc000c79-6aa3-45f2-9527-43747d5962a5"
}
Decoded dpop header for authorization token:
{
"typ": "dpop+jwt",
"alg": "RS256",
"e": "AQAB",
"kty": "RSA",
"n": "0gGsVi47CYHMfq9wq1z_YjzzuryPdp8-QJJs0ykkdlRBqUsSk5MMffnFKRD2IBWQrxBAhlgcfwbXjkCcB9SSvOSYE3cNeb36q3DcY3qVyE2It-WM8DOqs7pimnvaOekCs9JJbqIbu_jjqf5opm3Y0y7N6QuKVsTxz6UR5wwhpFScFllD5HnwahCf-_zjjp4_r85TJ0QIIpy7Lpyh0ZVwZUVyk70bV6zwDllRsgcM0KoQo6j_BB031IXDCa4nEV0le5E4KW-KzT9v-1aTxE_Ee8ead-_EC6UzfQhAlORgEuKkq9EFOvSueeAoWqpzGLJMUaljoeDRE3WVwb7AK17QKw"
}
{
"jti": "9KQtngQxtppe08iGO7BQ0Q",
"htm": "GET",
"htu": "https://book.itsourweb.org:3000/covid_cred/credential",
"iat": 1607919422
}
Decoded dpop header for credential_sub:
{
"typ": "dpop+jwt",
"alg": "RS256",
"e": "AQAB",
"kty": "RSA",
"n": "xH9FGte2GdlW7ezQjJ3fRa3WxcS0Z7G98Zzk8wEDIZQWpqFJdEDRdo1CoO0daFTDXs342YVr9zQJ3iG0sRiqRYvw3Jl4mRe8anZVC8P11CntkpXFRq9eoqmsJqkykenO78eF30QKFO_GLpBcnM9J8yu7GSfKsP_-n9OL1F8GPN0KTsBp2G5RaGiNkDUFFWtMlXLm9C2bWGK_rm8Cp6x-zxMJsREV69gGeERzEYMaVNof7263gi7uSIUeAyZxQm3e3O6zKG8raFplsFprbJhn_0CgQ8oU3YnAF1yMbgrI82tXKQBoJwpewX9R29cj53J0M8Y5kdqrmp_buja6vv4ndQ"
}
{
"jti": "vTAPDhQIucUOxsUbs0MW3Q",
"htm": "GET",
"htu": "https://book.itsourweb.org:3000/covid_cred/credential",
"iat": 1607919422
}
```
### Credential Result
2020-12-13 23:17:02
```javascript=1
HTTP/1.1 200 OK
access-control-allow-origin: https://book.itsourweb.org:3000
vary: Origin
cache-control: no-store
pragma: no-cache
content-type: application/jwt; charset=utf-8
access-control-allow-credentials: true
content-length: 1367
etag: W/"557-nC091Q2fMSrQppkdaESzGR9h7zg"
{
"credential": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6InVybjp1dWlkOjE3MWZmNDUyLTc2NjgtNDY1NC1hODQ5LTBiNWJkMzQ0OTNhMyJ9.eyJzdWIiOiJ1cm46dXVpZDpkYzAwMGM3OS02YWEzLTQ1ZjItOTUyNy00Mzc0N2Q1OTYyYTUiLCJpc3MiOiJodHRwczovL2Jvb2suaXRzb3Vyd2ViLm9yZzozMDAwL2NvdmlkX2NyZWQiLCJpYXQiOjE2MDc5MTk0MjIsImV4cCI6MTYwODA5MjIyMiwiYXVkIjoiaHR0cHM6Ly9ib29rLml0c291cndlYi5vcmc6MzAwMC93YWxsZXQvd2FsbGV0Lmh0bWwiLCJqdGkiOiJ1cm46dXVpZDozM2NhNWUwNC02YWM1LTQ1ZTctOGRhMy1iZTAxMjUwN2NkNTgiLCJ2YyI6eyJAb3B0aW9ucyI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSIsImh0dHBzOi8vY292aWQub3JnL3YxIl0sInR5cGUiOlsiVmVyaWZpYWJsZUNyZWRlbnRpYWwiLCJodHRwczovL2Jvb2suaXRzb3Vyd2ViLm9yZzozMDAwL3NtYXJ0LWNyZWRlbnRpYWwvQ292aWQtSW1tdW5pdHlUZXN0LVBWNyJdLCJkZXNjcmlwdGlvbiI6IkN1cnJlbnQgY292aWQgaW1tdW5pemF0aW9uIHN0YXR1cyIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7Il9kaXNwbGF5IjoiU3RhdHVzOiBBd2FpdGluZyBSZXN1bHRzIFxyXG5CYXNlZCBvbiBzYW1wbGUgMTk0MiB0YWtlbiBTdW4sIERlYyAxMywgMjAyMCIsImRhdGUiOiJTdW4sIERlYyAxMywgMjAyMCIsInNhbXBsZSI6IjE5NDIiLCJzdGF0dXMiOiJBd2FpdGluZyBSZXN1bHRzIn19fQ.sESu9bewOr5zF1o__gRetSMev5zNk5jmb0jHWLpnJi6-emjaQbHzAAsX-IRRUIaDbYX-hvjaVI6FuYYjeyYdykpIY8198dsFZws1-9uI83u00QY-d-E3hypPb19bat7kMFlGAl49kPmiiMuFsBwVttIzzYt5WP4OLHh2D0LITsEof1WdPWg7m1-m6yrgV-TFgfNS6amAeQ5pQaGSCNEh9x7YIRZ3YkEUMUj-HPrXAxzp3nEWrzT1-PWnPOW6xGtENipqdepd4yUwFqLGVAB5zDqkiR3wX0YwI0Z12-gtf4ZTM5MKgTOLNUlYtDl3Qv3azyvs-caLwtbCo1ytRcqxQQ"
}
Decoded credential:
{
"sub": "urn:uuid:dc000c79-6aa3-45f2-9527-43747d5962a5",
"iss": "https://book.itsourweb.org:3000/covid_cred",
"iat": 1607919422,
"exp": 1608092222,
"aud": "https://book.itsourweb.org:3000/wallet/wallet.html",
"jti": "urn:uuid:33ca5e04-6ac5-45e7-8da3-be012507cd58",
"vc": {
"@options": [
"https://www.w3.org/2018/credentials/v1",
"https://covid.org/v1"
],
"type": [
"VerifiableCredential",
"https://book.itsourweb.org:3000/smart-credential/Covid-ImmunityTest-PV7"
],
"description": "Current covid immunization status",
"credentialSubject": {
"_display": "Status: Awaiting Results \r\nBased on sample 1942 taken Sun, Dec 13, 2020",
"date": "Sun, Dec 13, 2020",
"sample": "1942",
"status": "Awaiting Results"
}
}
}
```
### Credential Request
2020-12-13 23:16:37
> Additionally, the Credential endpoint can return supplementary data useful to the wallet by providing agreed request claims such as "Resources" in the following example:
```javascript=1
POST /covid_cred/credential HTTP/1.1
host: book.itsourweb.org:3000
dpop: eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IlJTMjU2IiwiZSI6IkFRQUIiLCJrdHkiOiJSU0EiLCJuIjoiMGdHc1ZpNDdDWUhNZnE5d3Exel9Zanp6dXJ5UGRwOC1RSkpzMHlra2RsUkJxVXNTazVNTWZmbkZLUkQySUJXUXJ4QkFobGdjZndiWGprQ2NCOVNTdk9TWUUzY05lYjM2cTNEY1kzcVZ5RTJJdC1XTThET3FzN3BpbW52YU9la0NzOUpKYnFJYnVfampxZjVvcG0zWTB5N042UXVLVnNUeHo2VVI1d3docEZTY0ZsbEQ1SG53YWhDZi1fempqcDRfcjg1VEowUUlJcHk3THB5aDBaVndaVVZ5azcwYlY2endEbGxSc2djTTBLb1FvNmpfQkIwMzFJWERDYTRuRVYwbGU1RTRLVy1LelQ5di0xYVR4RV9FZThlYWQtX0VDNlV6ZlFoQWxPUmdFdUtrcTlFRk92U3VlZUFvV3FwekdMSk1VYWxqb2VEUkUzV1Z3YjdBSzE3UUt3In0.eyJqdGkiOiJ1YkVrQmdjenFtaTJncHg4cUNqQkF3IiwiaHRtIjoiR0VUIiwiaHR1IjoiaHR0cHM6Ly9ib29rLml0c291cndlYi5vcmc6MzAwMC9jb3ZpZF9jcmVkL2NyZWRlbnRpYWwiLCJpYXQiOjE2MDc5MTkzOTd9.oxwOuXR4JMqf9YiI89VagHb3dt6aCg6UnB048gboZe_HVWA9FgLZb1i1cEIyTye19JZwafyK9YaKAD8H161smnXwFuTtPEznyoLrEXuS0iY5lAq2TOs27BkFUOLrTOlAxQZNGBv7Udch5CGH6N0fSzjWazGw-9Z0EFTpf38uvhK4G114xgHghKNpdl5R_32c5x5YeHza9LNVAYgj8cF3zXTilGB3rU5m1g867Y5-pF0Qbxwz7nI9ocl7knvbSiAvZRioAU6Bk3On9Qsp9EdA5MhmRgZaotNYtDJyqjKWGpHpmLxzylJ7-VDH8DxdrnFFB0C1VxEnD6ZrjjUSdj2ziw
authorization: Bearer y91xe5IBX2p3ZJbWC1NMeZvQZA-YdsnBaib2cltoxUjDABAci_zreZvFiqHyVBtx
content-type: application/x-www-form-urlencoded
{
"resources": "card_design wallet_render"
}
Decoded dpop header for authorization token:
{
"typ": "dpop+jwt",
"alg": "RS256",
"e": "AQAB",
"kty": "RSA",
"n": "0gGsVi47CYHMfq9wq1z_YjzzuryPdp8-QJJs0ykkdlRBqUsSk5MMffnFKRD2IBWQrxBAhlgcfwbXjkCcB9SSvOSYE3cNeb36q3DcY3qVyE2It-WM8DOqs7pimnvaOekCs9JJbqIbu_jjqf5opm3Y0y7N6QuKVsTxz6UR5wwhpFScFllD5HnwahCf-_zjjp4_r85TJ0QIIpy7Lpyh0ZVwZUVyk70bV6zwDllRsgcM0KoQo6j_BB031IXDCa4nEV0le5E4KW-KzT9v-1aTxE_Ee8ead-_EC6UzfQhAlORgEuKkq9EFOvSueeAoWqpzGLJMUaljoeDRE3WVwb7AK17QKw"
}
{
"jti": "ubEkBgczqmi2gpx8qCjBAw",
"htm": "GET",
"htu": "https://book.itsourweb.org:3000/covid_cred/credential",
"iat": 1607919397
}
```
### Credential Result
2020-12-13 23:16:37
```javascript=1
HTTP/1.1 200 OK
access-control-allow-origin: https://book.itsourweb.org:3000
vary: Origin
cache-control: no-store
pragma: no-cache
content-type: application/jwt; charset=utf-8
access-control-allow-credentials: true
content-length: 20396
etag: W/"4fac-TCERu/BqfNP9uDbHjkEqrLqMNQs"
{
"resources": {
"card_design": "data:image/jpeg;base64,/9j/4AAQSkZJRgABAQEAeAB4AA...ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFegfs0f8AJQLj/sHSf+jIq8/r0D9mj/koFx/2DpP/AEZFV0/iR6eT/wC+0/X/ADPP6KKKg8wKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAr0D9mj/koFx/2DpP8A0ZFXn9egfs0f8lAuP+wdJ/6Miq6fxI9PJ/8Afafr/mef0UUVB5gUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABXoH7NH/JQLj/sHSf8AoyKvP69A/Zo/5KBcf9g6T/0ZFV0/iR6eT/77T9f8z//Z",
"wallet_render": " <hr class=\"mb-3\">\r\n <h5 class=\"mb-3\" scopes=\"openid\">COVID IMMUNITY</h5>\r\n <div class=\"mb-3\" scopes=\"openid\">\r\n <label for=\"given_name\">First Name</label>\r\n <input type=\"text\" class=\"form-control\" id=\"given_name\">\r\n </div>\r\n <div class=\"mb-3\" scopes=\"openid\">\r\n <label for=\"family_name\">Last Name</label>\r\n <input type=\"text\" class=\"form-control\" id=\"family_name\">\r\n </div>\r\n <div class=\"mb-3\" scopes=\"openid\">\r\n <label for=\"vc._display\">Current Immunity Score</label>\r\n <input type=\"text\" class=\"form-control\" id=\"vc._display\">\r\n </div>\r\n <div class=\"mb-3\" scopes=\"openid\">\r\n <label for=\"vc.sample\">Sample</label>\r\n <input type=\"text\" class=\"form-control\" id=\"vc.sample\">\r\n </div>\r\n <div class=\"mb-3\" scopes=\"openid\">\r\n <label for=\"photo\">photo</label>\r\n <img class=\"form-control\" id=\"photo\" style=\"height:auto;width:auto;max-width: 300px;max-height: 300px;\" >\r\n </div>\r\n\r\n"
}
}
```
Google Drive
Gist
Clipboard
Sign in with Wallet
