Affinidi Vault User Data
List the available data points your application can request from the Affinidi Vault.
This page shows the available data points you can request from the user’s Vault using the Presentation Exchange (PEX) query.
Note
As a best practice for requesting data from the Affinidi Vault, you must always request only the data points or sets based on your application requirements.User Profile Individual Data Points
List of Verifiable Credentials for each field of the User Profile from the Vault. Please note that all these Verifiable Credentials for individual data points are currently self-issued by the user.
| Type | Path | Description |
|---|---|---|
| HITGivenName | $.credentialSubject.givenName | Given name(s) or first name(s) of the holder. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters. |
| HITFamilyName | $.credentialSubject.familyName | Surname(s) or last name(s) of the holder. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters. |
| HITMiddleName | $.credentialSubject.middleName | Middle name(s) of the holder. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used. |
| HITNickname | $.credentialSubject.nickname | Casual name of the Holder that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael. |
| HITBirthdate | $.credentialSubject.birthdate | Holders’s birthday, represented as an ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed. Note that depending on the underlying platform’s date related function, providing just year can result in varying month and day, so the implementers need to take this factor into account to correctly process the dates. |
| HITGender | $.credentialSubject.gender | Holder’s gender. |
| HITPhoneNumber | $.credentialSubject.phoneNumber | Holder’s preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234. |
| HITPicture | $.credentialSubject.picture | URL of the Holder’s profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the Holder suitable for displaying when describing the Holder, rather than an arbitrary photo taken by the Holder. |
| HITPostalCode | $.credentialSubject.postalCode | Zip code or postal code component. |
| HITStreetAddress | $.credentialSubject.streetAddress | Full street address component, which MAY include house number, street name, Post Office Box, and multi-line extended street address information. This field MAY contain multiple lines, separated by newlines. Newlines can be represented either as a carriage return/line feed pair ("\r\n") or as a single line feed character ("\n"). |
| HITCountry | $.credentialSubject.country | Country name component. |
| HITLocality | $.credentialSubject.locality | City or locality component. |
Sample Usage
{
"id": "vp_token_with_profile_vc",
"input_descriptors": [
{
"id": "profile_vc",
"name": "GivenName VC",
"purpose": "Check if data contains necessary fields",
"constraints": {
"fields": [
{
"path": [
"$.type"
],
"purpose": "Check if VC type is correct",
"filter": {
"type": "array",
"contains": {
"type": "string",
"pattern": "HITGivenName"
}
}
},
{
"path": [
"$.credentialSubject.givenName"
],
"purpose": "Check if VC contains givenName field",
"filter": {
"type": "string"
}
}
]
}
}
]
}Tip
If you only need to request a specific field from the Vault, use the Individual Data Points VC in the Presentation Definition (e.g. If you only want the Country data of the user, use the Country VC).User Profile Data Sets
List of Verifiable Credentials that combines related fields to form a data sets from the Vault. Please note that all these Verifiable Credentials for data sets are currently self-issued by the user.
Identity Set
Identity information of the Vault user.
Type: HITIdentity
| Path | Description |
|---|---|
$.credentialSubject.nickname | Casual name of the Holder that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael. |
$.credentialSubject.gender | Holder’s gender. Values defined by this specification are female and male. Other values MAY be used when neither of the defined values are applicable. |
$.credentialSubject.birthdate | Holder’s birthday, represented as an ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed. Note that depending on the underlying platform’s date related function, providing just year can result in varying month and day, so the implementers need to take this factor into account to correctly process the dates. |
Fullname Set
Full name information of the Vault user.
Type: HITFullName
| Path | Description |
|---|---|
$.credentialSubject.familyName | Surname(s) or last name(s) of the Holder. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters. |
$.credentialSubject.givenName | Given name(s) or first name(s) of the Holder. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters. |
$.credentialSubject.middleName | Middle name(s) of the Holder. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used. |
$.credentialSubject.name | Holder’s full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the Holder’s locale and preferences. |
Address Set
Preferred postal address of the Vault user.
Type: HITAddress
| Path | Description |
|---|---|
$.credentialSubject.formatted | Full mailing address, formatted for display or use on a mailing label. This field MAY contain multiple lines, separated by newlines. Newlines can be represented either as a carriage return/line feed pair ("\r\n") or as a single line feed character ("\n"). |
$.credentialSubject.streetAddress | Full street address component, which MAY include house number, street name, Post Office Box, and multi-line extended street address information. This field MAY contain multiple lines, separated by newlines. Newlines can be represented either as a carriage return/line feed pair ("\r\n") or as a single line feed character ("\n"). |
$.credentialSubject.locality | City or locality component. |
$.credentialSubject.region | State, province, prefecture, or region component. |
$.credentialSubject.postalCode | Zip code or postal code component. |
$.credentialSubject.country | Country name component. |
Contacts Set
Contact information of the Vault user.
Type: HITContacts
| Path | Description |
|---|---|
$.credentialSubject.phoneNumber | Holder’s preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234. |
$.credentialSubject.email | Holder’s email. |
Sample Usage
{
"id": "vp_token_with_profile_vc",
"input_descriptors": [
{
"id": "profile_vc",
"name": "Identity VC",
"purpose": "Check if data contains necessary fields",
"constraints": {
"fields": [
{
"path": [
"$.type"
],
"purpose": "Check if VC type is correct",
"filter": {
"type": "array",
"contains": {
"type": "string",
"pattern": "HITIdentity"
}
}
},
{
"path": [
"$.credentialSubject.nickname"
],
"purpose": "Check if VC contains nickname field",
"filter": {
"type": "string"
}
},
{
"path": [
"$.credentialSubject.birthdate"
],
"purpose": "Check if VC contains birthdate field",
"filter": {
"type": "string"
}
},
{
"path": [
"$.credentialSubject.gender"
],
"purpose": "Check if VC contains gender field",
"filter": {
"type": "string"
}
}
]
}
}
]
}Liveness Check Data
Information about the Liveness check of the Vault user. This contains either True or False based on the result of the Liveness check. This Verifiable Credential is issued by Affinidi and we recommend to include the Issuer checking in the Presentation Definition if you are requesting this particular VC.
Liveness Check VC is only available for Google Chrome Extension users. If the Affinidi Vault user is using Web or Mobile App, this VC is not available to request.
Type: HITLivenessCheck
| Path | Description |
|---|---|
$.credentialSubject.livenessCheckPassed | A boolean field. Indicates whether holder passed liveness check. |
Sample Usage
{
"id": "vp_token_with_profile_vc",
"input_descriptors": [
{
"id": "profile_vc",
"name": "Liveness VC",
"purpose": "Check if data contains necessary fields",
"constraints": {
"fields": [
{
"path": [
"$.type"
],
"purpose": "Check if VC type is correct",
"filter": {
"type": "array",
"contains": {
"type": "string",
"pattern": "HITLivenessCheck"
}
}
},
{
"path": [
"$.credentialSubject.livenessCheckPassed"
],
"purpose": "Check if VC contains liveness field",
"filter": {
"type": "string"
}
},
{
"path": [
"$.issuer"
],
"purpose": "Check if VC Issuer is Trusted",
"filter": {
"type": "string",
"pattern": "^did:key:zQ3shtMGCU89kb2RMknNZcYGUcHW8P6Cq3CoQyvoDs7Qqh33N"
}
}
]
}
}
]
}Verified Email Data
Verified Email of the Vault user after successful registration. This Verifiable Credential is issued by Affinidi and we recommend to include the Issuer checking in the Presentation Definition if you are requesting this particular VC.
Type: Email
| Path | Description |
|---|---|
$.credentialSubject.email | Verified email address after successful registration to the Vault. |
Sample Usage
{
"id": "vp_token_with_email_vc",
"input_descriptors": [
{
"id": "email_vc",
"name": "Email VC",
"purpose": "Check if data contains necessary fields",
"constraints": {
"fields": [
{
"path": [
"$.type"
],
"purpose": "Check if VC type is correct",
"filter": {
"type": "array",
"contains": {
"type": "string",
"pattern": "Email"
}
}
},
{
"path": [
"$.credentialSubject.email"
],
"purpose": "Check if VC contains email field",
"filter": {
"type": "string"
}
},
{
"path": [
"$.issuer"
],
"purpose": "Check if VC Issuer is Trusted",
"filter": {
"type": "string",
"pattern": "^did:key:zQ3shtMGCU89kb2RMknNZcYGUcHW8P6Cq3CoQyvoDs7Qqh33N"
}
}
]
}
}
]
}Full User Profile Data
Full user profile data from the Vault. Please note that this Verifiable Credential is currently self-issued by the user.
Type: UserProfile
| Path | Description |
|---|---|
$.credentialSubject.givenName | Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the words being separated by space characters. |
$.credentialSubject.familyName | Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple or no family names; all can be present, with the words separated by space characters. |
$.credentialSubject.middleName | Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the words separated by space characters. Also, in some cultures, middle names are not used. |
$.credentialSubject.nickname | Casual name of the End-User may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a givenName value of Michael. |
$.credentialSubject.picture | URL of the End-User’s profile picture. This URL must refer to an image file (for example, a PNG, JPEG, or GIF image file) rather than to a Web page containing an image. Note that this URL should reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User. |
$.credentialSubject.birthdate | End-User’s birthday, represented as an ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed. |
$.credentialSubject.gender | End-User’s gender. Values defined by this specification are female and male. Other values MAY be usable when neither of the specified values are applicable. |
$.credentialSubject.phoneNumber | End-User’s preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234. |
$.credentialSubject.address | Object type data. End-User’s preferred postal address. The value of the address member is a JSON [RFC4627] structure containing some or all of the members defined in Section 5.1.1. |
$.credentialSubject.address.streetAddress | Part of the address object. Complete street address component, which MAY include house number, street name, Post Office Box, and multi-line extended street address information. This field MAY contain multiple lines, separated by newlines. Newlines can be represented either as a carriage return/line feed pair ("\r\n") or as a single line feed character ("\n"). |
$.credentialSubject.address.postalCode | Part of the address object. Zip code or postal code component. |
$.credentialSubject.address.locality | Part of the address object. City or locality component. |
$.credentialSubject.address.country | Part of the address object. Country name component. |
$.credentialSubject.updatedAt | Time the End-User’s information was last updated. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time. |
Sample Usage
{
"id": "vp_token_with_profile_vc",
"input_descriptors": [
{
"id": "email_vc",
"name": "Profile VC",
"purpose": "Check if data contains necessary fields",
"constraints": {
"fields": [
{
"path": [
"$.type"
],
"purpose": "Check if VC type is correct",
"filter": {
"type": "array",
"contains": {
"type": "string",
"pattern": "UserProfile"
}
}
},
{
"path": [
"$.credentialSubject.familyName"
],
"purpose": "Check if VC contains familyName field",
"filter": {
"type": "string"
}
},
{
"path": [
"$.credentialSubject.givenName"
],
"purpose": "Check if VC contains givenName field",
"filter": {
"type": "string"
}
}
]
}
}
]
}Learn more on how to request data from Affinidi Vault with the user’s consent and explore how to customise the Presentation Definition and ID Token Mapping for Affinidi Login implementation.
Was this page helpful?
Glad to hear it! Please tell us how we can improve more.
Sorry to hear that. Please tell us how we can improve.
Thank you for sharing your feedback so we can improve your experience.