Claimed Credentials
The claimed credentials page in Affinidi Vault allows you to view all the Verifiable Credentials (VCs) you have accepted from trusted 3rd-party issuers.
When requested by your application, the claimed credentials are shared with the user’s consent. They contain the attested data that you can use to simplify the onboarding process or your application workflow.
For example, if the user has completed a course from a training provider, they can issue a Verifiable Credential (VC) that contains details about the course and certifies their completion. You can request this VC to verify and onboard your users.

How claimed credential works
If an issuer wishes to issue a Verifiable Credential (VC) attesting a particular claim about you, for example, a course completion certificate, they create a credential offer. The credential offer contains information about the course, and a credential offer link will be sent to you so you can claim the credential from your Affinidi Vault.
As a user, if you visit the link to the credential offer, it redirects you to Affinidi Vault’s claim credential page. The Affinidi Vault exchanges the pre-authorisation
and transaction code
(if TX_CODE mode is selected) to get the access token needed to retrieve the credential offer.
Important Note
The claim process validates the DID of the current user’s Affinidi Vault if theholderDid
value is present in the credential offer regardless of the claim mode. It throws an error if the DID does not match.Below is the illustration of the claimed credential flow:
sequenceDiagram actor User participant Affinidi Vault participant Credential Issuance Service User->>Affinidi Vault: Enters the Transaction Code to view the Credential Offer Affinidi Vault->>Credential Issuance Service: Resolves Offer URI and get the Credential Offer with Access Token Note over Affinidi Vault, Credential Issuance Service: Affinidi Vault will exchange Trx Code and Pre-Auth Code <br /> for the Access Token to Get the Credential Credential Issuance Service->>Credential Issuance Service: Validate credential proof Credential Issuance Service->>Credential Issuance Service: Update Credential Offer as Claimed Credential Issuance Service->>Affinidi Vault: Return the Verifiable Credential Affinidi Vault->>User: Presented the Verifiable Credential User->>Affinidi Vault: Accepts the Verifiable Credential Affinidi Vault->>Affinidi Vault: Securely Stores the Verifiable Credential User->>Affinidi Vault: View the credential in Claimed credentials page
How a user can claim a credential offer
After creating the credential offer, it returns the offer_uri
that the issuer must securely send to the user to allow them to claim the credential in their Affinidi Vault. The issuer can email the claim link or embed it in a QR code.
If the claim mode selected is TX_CODE
, the issuer must securely send the transaction code to the user with the claim link. If it is FIXED_HOLDER
claim mode, the Decentralised Identifier (DID) associated with the user’s Affinidi Vault is validated if it matches the holderDid value provided in the credential offer.
The claim link will be in the following format with the URL encoded <OFFER_URI>
value:
https://vault.affinidi.com/claim?credential_offer_uri=<OFFER_URI>
As a user, once you visit the link, it will redirect you to the Affinidi Vault to retrieve and store the credential into your Affinidi Vault, making it viewable on the Claimed credentials page.
The Credential Configuration ID
configured on the Supported Schemas is the credential’s title in the Affinidi Vault. In our example, it is Membership.

Note
The credential offer is only valid for claims based on theLifetime of the Credential Offer
configured in the Credential Issuance configuration. If the user fails to claim the credential by this time, the issuer must create another credential offer.How to request claimed credentials from the user
To request the claimed credentials stored in the user’s Affinidi Vault, you have to define a presentation definition to query and ask for the user’s consent to share the data.
For example, in the Credential Issuance configuration shown below, the Membership
schema is added as one of the supported schema. You can use this schema to create a credential offer that users claim and store in one of the profiles available in their Affinidi Vault.

Once these Verifiable Credentials (VCs) are available in the user’s Affinidi Vault, you can request the same credential using the Affinidi Iota Framework and define the following presentation definition to query it.
{
"id": "membership_vc",
"input_descriptors": [
{
"id": "membership_vc",
"name": "Membership VC",
"purpose": "Check if Vault contains the required VC.",
"constraints": {
"fields": [
{
"path": [
"$.type"
],
"purpose": "Check if VC type is correct",
"filter": {
"type": "array",
"contains": {
"type": "string",
"pattern": "^Membership$"
}
}
}
]
}
}
]
}
In the above presentation definition, we are querying the Membership
VC stored in the user’s Affinidi Vault by specifying the credential type Membership
in the filter, which is the same Credential Type ID
configured in the Credential Issuance configuration.
Once the user consents to share the data from their Affinidi Vault, the Affinidi Vault generates the Verifiable Presentation token (vp_token) containing the VC and shares it with your application.
What’s next
Glad to hear it! Please tell us how we can improve more.
Sorry to hear that. Please tell us how we can improve.
Thank you for sharing your feedback so we can improve your experience.