§ Credential Manifest 1.x Editor’s Draft

Specification Status: Working-Group Approved Draft

Latest Editor’s Draft: identity.foundation/credential-manifest

Stable Working-Group Approved Draft: identity.foundation/credential-manifest/spec/v1.0.0

Editors:

Daniel Buchner (Block)

Brent Zundel (Avast)

Jace Hensley (Bloom)

Daniel McGrogan (Workday)

Gabe Cohen (Block)

Kim Hamilton Duffy (Centre Consortium)

Participate:

GitHub repo

File a bug

Commit history

§ Abstract

For User Agents (e.g. wallets) and other service that wish to engage with Issuers to acquire credentials, there must exist a mechanism for negotiating (via services and interfaces that are out of scope) what inputs are required from a Subject to process a request for credential(s) issuance. The Credential Manifest is a common data format for describing the inputs a Subject must provide to an Issuer for subsequent evaluation and issuance of the credential(s) indicated in the Credential Manifest, i.e. for a Subject to become a Holder.

Credential Manifests do not themselves define the contents of the output credential(s), the process the Issuer uses to evaluate the submitted inputs, or the protocol Issuers, Subjects, and their User Agents rely on to negotiate credential issuance. Instead, Credential Manifests are a data model for issuers to publish and/or send individually to would-be holders, allowing the software of the latter to understand and negotiate an issuance process.

§ Status of This Document

Credential Manifest is a draft specification being developed within the Decentralized Identity Foundation (DIF). Design work on the Credential Manifest data model is ongoing, and participants are encouraged to open issues or otherwise contribute at the DIF-hosted github repository, whether as input to stable versions or as recommendations for future versions.

§ Terminology

Decentralized Identifiers

Unique ID URI string and PKI metadata document format for describing the cryptographic keys and other fundamental PKI values linked to a unique, user-controlled, self-sovereign identifier in a target system (i.e. blockchain, distributed ledger).

Claim

An assertion made about a Subject. Used as an umbrella term for Credential, Assertion, Attestation, etc.

Issuer

Issuers are entities that issue credentials to a Holder.

Holder

Holders are entities that receive credentials from Issuers, possibly first submitting proofs to the Issuer to satisfy the requirements described in a Presentation Definition. These interactions are facilitated by User Agents.

Credential Manifest

A Credential Manifest is a document, hosted by an Issuer and consumed by [[User Agents]], codifying the credentials that it issues in terms of pre-requisites and inputs. These can be static or dynamic, but their form and usage are detailed in this specification.

Presentation Definition

Presentation Exchange is a specification codifying a Presentation Definition data format Verifiers can use to articulate proof requirements in a Presentation Request, and a Presentation Submission data format Holders can use to describe proofs submitted in accordance with them.

Output Descriptor

Output Descriptors are used by an Issuer to describe the credentials they are offering to a Holder. See Output Descriptor

Output Descriptor Object

Output Descriptor Objects are populated with properties describing the Claims the Issuer is offering the Holder

Output Descriptor Display Object

Output Descriptor Display Objects are populated with Data Display properties from the Wallet Rendering specification.

Credential Application

Credential Application are objects embedded within target claim negotiation formats that pass information from the Holder to the Issuer. See Credential Application

Credential Response

Credential Responses are objects embedded within target claim negotiation formats that enable a binary response to a Credential Application. Fulfillments unify the presentation of Claims to a Holder in accordance with the output an Issuer specified in a Credential. Denials provide insight into why a given application did not result in a fulfillment. See Credential Response.

User Agent

User Agents are software, such as wallets or other services, acting on behalf of Holders, to facilitate credential acquisition and exchange. In the context of this specification, they retrieve Credential Manifests and interpret them to determine issuance requirements, construct Credential to satisfy issuance requirements and submit them to Issuers, and receive and interpret Credential Responses.

§ Overview

The following representative sequence contextualizes the top-level objects described in this specification:

This specification covers only the data models of these objects and not the exchange protocols or architectural assumptions about how they get transported. Specifically:

• User Agent discovery of the Credential Manifest is determined by the protocol. For example, the Issuer may post a QR code which, when scanned, allows a User Agent to retrieve the Credential
• The Credential Response may be delivered in a synchronous or asynchronous manner, depending on the protocol. As an example of an asynchronous flow, the Issuer may define an endpoint at which the User Agent may check the issuance status and/or obtain Credential Response

§ Versioning

As this specification evolves, so will its object models. Future iterations of the specifications should aim to provide backwards-compatibility and minimize breaking changes. To track the evolution of this specification, all object models this specification defines MUST include a spec_version property, corresponding to the URI of the specification revision the object models conform to.

{
  "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/"
}

§ Credential Manifest

Credential Manifests are a resource format that defines preconditional requirements, Issuer style preferences, and other facets User Agents utilize to help articulate and select the inputs necessary for processing and issuance of a specified credential.

{
  "id": "WA-DL-CLASS-A",
  "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/",
  "issuer": {
    "id": "did:example:123?linked-domains=3",
    "name": "Washington State Government",
    "styles": {
      "thumbnail": {
        "uri": "https://dol.wa.com/logo.png",
        "alt": "Washington State Seal"
      },
      "hero": {
        "uri": "https://dol.wa.com/people-working.png",
        "alt": "People working on serious things"
      },
      "background": {
        "color": "#ff0000"
      },
      "text": {
        "color": "#d4d400"
      }
    }
  },
  "output_descriptors": [
    {
      "id": "driver_license_output",
      "schema": "https://schema.org/EducationalOccupationalCredential",
      "display": {
        "title": {
          "path": ["$.name", "$.vc.name"],
          "schema": {
            "type": "string"
          },
          "fallback": "Washington State Driver License"
        },
        "subtitle": {
          "path": ["$.class", "$.vc.class"],
          "schema": {
            "type": "string"
          },
          "fallback": "Class A, Commercial"
        },
        "description": {
          "text": "License to operate a vehicle with a gross combined weight rating (GCWR) of 26,001 or more pounds, as long as the GVWR of the vehicle(s) being towed is over 10,000 pounds."
        },
        "properties": [
          {
            "path": ["$.donor", "$.vc.donor"],
            "schema": {
              "type": "boolean"
            },
            "fallback": "Unknown",
            "label": "Organ Donor"
          }
        ]
      },
      "styles": {
        "thumbnail": {
          "uri": "https://dol.wa.com/logo.png",
          "alt": "Washington State Seal"
        },
        "hero": {
          "uri": "https://dol.wa.com/happy-people-driving.png",
          "alt": "Happy people driving"
        },
        "background": {
          "color": "#ff0000"
        },
        "text": {
          "color": "#d4d400"
        }
      }
    }
  ],
  "presentation_definition": {
    "id": "test",
    "input_descriptors": [
      {
        "id": "test input descriptor"
      }
    ]
  }
}

§ General Composition

Credential Manifests are JSON objects composed as follows:

• The object MUST contain an id property, and it’s value MUST be a string. The string SHOULD provide a unique ID for the desired context. For example, a UUID such as 32f54163-7166-48f1-93d8-f f217bdb0653 could provide an ID that is unique in a global context, while a simple string such as my_credential_manifest_1 could be suitably unique in a local context.
• The object MAY contain a name property, and its value MUST be a string that acts as a summarizing title for the Manifest in question.
• The object MAY contain a description property, and its value MUST be a string that explains what the Manifest in question is generally offering in exchange for meeting its requirements.
• The object MUST contain a spec_version property, and its value MUST be a valid spec URI according to the rules set in the versioning section.
• The object MUST contain an issuer property, and its value MUST be an object composed as follows:
  • The object MUST contain a id property, and its value MUST be a valid URI string that identifies who the issuer of the credential(s) will be.
  • The object MAY contain a name property, and its value MUST be a string that SHOULD reflect the human-readable name the Issuer wishes to be recognized by.
  • The object MAY contain a styles property, and its value MUST be an object or URI, as defined by the DIF Entity Styles specification.
• The object MUST contain an output_descriptors property. Its value MUST be an array of Output Descriptor Objects, the composition of which are described in the Output Descriptor section below.
• The Credential Manifest MAY include a format property. If present, its value MUST be the same structure as Presentation Definition’s format property. This property informs the Holder of the Claim format the Issuer can issuer in. For example:

{
  "credential_manifest": {
    "id": "WA-DL-CLASS-A",
    "name": "Washington State Class A Driver's License Application",
    "description": "This application is for the Washington State Class A Driver's License, which requires an applicant to be of at least 18 years of age and provide proof of CDL training completion.",
    "output_descriptors": [],
    "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/",
    "issuer": {
      "id": "did:example:123?linked-domains=3",
      "name": "Washington State Government",
      "styles": {
        "thumbnail": {
          "uri": "https://dol.wa.com/logo.png",
          "alt": "Washington State Seal"
        },
        "hero": {
          "uri": "https://dol.wa.com/people-working.png",
          "alt": "People working on serious things"
        },
        "background": {
          "color": "#ff0000"
        },
        "text": {
          "color": "#d4d400"
        }
      }
    },
    "format": {
      "jwt": {
        "alg": ["EdDSA", "ES256K", "ES384"]
      },
      "jwt_vc": {
        "alg": ["ES256K", "ES384"]
      },
      "jwt_vp": {
        "alg": ["EdDSA", "ES256K"]
      },
      "ldp_vc": {
        "proof_type": [
          "JsonWebSignature2020",
          "Ed25519Signature2018",
          "EcdsaSecp256k1Signature2019",
          "RsaSignature2018"
        ]
      },
      "ldp_vp": {
        "proof_type": ["Ed25519Signature2018"]
      },
      "ldp": {
        "proof_type": ["RsaSignature2018"]
      }
    }
  }
}

• The object MAY contain a presentation_definition object, and its value MUST be a Presentation Definition object, as defined by the Presentation Exchange specification.

§ Output Descriptor

Output Descriptors are objects used to describe the Claims an Issuer is offering to a Holder.

Output Descriptor Objects contain type URI that links to the type of the offered output data, and information about how to display the output to the Holder.

{
  "output_descriptors": [
    {
      "id": "driver_license_output",
      "schema": "https://schema.org/EducationalOccupationalCredential",
      "display": {
        "title": {
          "path": ["$.name", "$.vc.name"],
          "schema": {
            "type": "string"
          },
          "fallback": "Washington State Driver License"
        },
        "subtitle": {
          "path": ["$.class", "$.vc.class"],
          "schema": {
            "type": "string"
          },
          "fallback": "Class A, Commercial"
        },
        "description": {
          "text": "License to operate a vehicle with a gross combined weight rating (GCWR) of 26,001 or more pounds, as long as the GVWR of the vehicle(s) being towed is over 10,000 pounds."
        },
        "properties": [
          {
            "path": ["$.donor", "$.vc.donor"],
            "schema": {
              "type": "boolean"
            },
            "fallback": "Unknown",
            "label": "Organ Donor"
          }
        ]
      },
      "styles": {
        "thumbnail": {
          "uri": "https://dol.wa.com/logo.png",
          "alt": "Washington State Seal"
        },
        "hero": {
          "uri": "https://dol.wa.com/happy-people-driving.png",
          "alt": "Happy people driving"
        },
        "background": {
          "color": "#ff0000"
        },
        "text": {
          "color": "#d4d400"
        }
      }
    }
  ]
}

§ Output Descriptor Object

Output Descriptor Objects are composed as follows:

• The Output Descriptor Object MUST contain an id property. The value of the id property MUST be a string that does not conflict with the id of another Output Descriptor Object in the same Credential Manifest. For example, the id could be a UUID or a URI.
• The Output Descriptor Object MUST contain a schema property, and its value MUST be a string specifying the schema of the credential to be issued.
• The Output Descriptor Object MAY contain a name property, and if present its value SHOULD be a human-friendly name that describes what the credential represents.
• The Output Descriptor Object MAY contain a description property, and if present its value MUST be a string that describes what the credential is in greater detail.
• The Output Descriptor Object MAY contain a styles property, and its value MUST be an object or URI string, whose content is adherent to the Entity Styles JSON objects defined in the DIF Wallet Rendering specification.
• The Output Descriptor Object MAY contain a display property, and its value MUSTbe an object or URI string, whose content is adherent to the Display Mapping JSON objects defined in the DIF Wallet Rendering specification.

§ JSON Schema

The JSON Schema Draft 7 definition that summarizes the rules above for Output Descriptors can be found after the appendix here.

§ JSON Schema

The JSON Schema Draft 7 definition that summarizes the rules above for Credential Manifest can be found after the appendix here.

§ Resource Location

Credential Manifests SHOULD be retrievable at known, semantic locations that are generalized across all entities, protocols, and transports. This specification does not stipulate how Credential Manifests must be located, hosted, or retrieved, but does advise that Issuers SHOULD make their Credential Manifests available via an instance of the forthcoming semantic personal data-store standard being developed by DIF, W3C, and other groups (e.g. Decentralized Web Nodes).

§ Credential Application

Credential Application are objects embedded within target claim negotiation formats that pass information from the Holder to the Issuer.

Credential Applications are JSON objects composed as follows:

• The object MUST contain an id property. The value of this property MUST be a unique identifier, such as a UUID.
• The object MUST contain a spec_version property, and its value MUST be a valid spec URI according to the rules set in the versioning section.
• The object MUST contain an applicant property, and its value MUST be a string. The value of this property MUST be a URI which uniquely identifies the applicant.
• The object MUST contain a manifest_id property. The value of this property MUST be the id of a valid Credential Manifest.
• The object MUST have a format property if the related Credential Manifest specifies a format property. Its value MUST be a subset of the format property in the Credential that this Credential Submission is related to. This object informs the Issuer which formats the Holder wants to receive the Claims in.
• The Credential Application object MUST contain a presentation_submission property IF the related Credential Manifest contains a presentation_definition. Its value MUST be a valid Presentation Submission as defined in the Presentation Exchange specification:

{
  "id": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d",
  "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/",
  "applicant": "did:example:123",
  "manifest_id": "WA-DL-CLASS-A",
  "format": {
    "ldp_vc": {
      "proof_type": [
        "JsonWebSignature2020",
        "EcdsaSecp256k1Signature2019"
      ]
    }
  },
  "presentation_submission": {
    "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
    "definition_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "descriptor_map": [
      {
        "id": "input_1",
        "format": "jwt_vc",
        "path": "$.verifiableCredential[0]"
      },
      {
        "id": "input_2",
        "format": "ldp_vc",
        "path": "$.verifiableCredential[1]"
      },
      {
        "id": "input_3",
        "format": "ldp_vc",
        "path": "$.verifiableCredential[2]"
      }
    ]
  }
}

§ Embed Targets

The following section details where the credential_application object is to be embedded within a target data structure.

§ Embed Locations

The following are the locations at which the Credential Application object MUST be embedded for known target formats. For any location besides the top level of the embed target, the location is described in JSONPath syntax.

§ JSON Schema

The JSON Schema Draft 7 definition that summarizes the rules above for Credential Application can be found after the appendix here.

§ Credential Response

Credential Responses are objects that encapsulate possible responses from a Credential Application, with two possible outcomes: fulfillment or denial. Fulfillment is the case where a Credential Application is accepted, and results in credential issuance. Fulfillments are embedded within target Claim negotiation formats that express how the outputs presented as proofs to a Holder are provided in accordance with the outputs specified in a Credential Manifest. Rejection is the case where a Credential Application is denied, and results in a response of pertitent information about the rejection. Embedded Credential Response objects MUST be located within target data format as the value of a credential_response property, which is composed and embedded as follows:

• The object MUST be included at the top-level of an Embed Target, or in the specific location described in the Embed Locations table in the Embed Target section below.
• The object MUST contain an id property. The value of this property MUST be a unique identifier, such as a UUID.
• The object MUST contain a spec_version property, and its value MUST be a valid spec URI according to the rules set in the versioning section.
• The object MUST contain an applicant property, and its valueMUST be a string. The value of this property MUST be a URI which uniquely identifies the applicant.
• The object MUST contain a manifest_id property. The value of this property MUST be the id value of a valid Credential.
• The object MAY contain an application_id property. If present, the value of this property MUST be the id value of a valid Credential Application.
• The object MUST contain one of the following properties depending on whether the application is to be fulfilled or rejected.
  • For fulfillment the object MUST contain a fulfillment property and its value MUST be an object composed as follows:
    • The object MUST include a descriptor_map property. The value of this property MUST be an array of Output Descriptor Mapping Objects, just like Presentation Submission’s descriptor_map property as defined in the Presentation Exchange specification.
  • For denial the object MUST contain a denial property and its value MUST be an object composed as follows:
    • The object MUST contain a reason property . The value of this property MUST be a string which states why the Credential was not successful.
    • The object MAY contain an input_descriptors property IF the related Credential Application contains a presentation_submission. It’s value MUST be an array of input_descriptor string identifiers from the descriptor_map property of a Presentation Submission, as defined in the Presentation Exchange specification, corresponding to the claims that failed to fulfill the Credential Application.

// NOTE: VP, OIDC, DIDComm, or CHAPI outer wrapper properties would be at outer layer

{
  "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
  "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/",
  "applicant": "did:example:123",
  "manifest_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
  "application_id": "b6385066-147c-49d0-9783-261a2154b1fd",
  "fulfillment": {
    "descriptor_map": [
      {
        "id": "banking_output_2",
        "format": "jwt_vc",
        "path": "$.verifiableCredential[0]"
      },
      {
        "id": "employment_output",
        "format": "ldp_vc",
        "path": "$.verifiableCredential[1]"
      },
      {
        "id": "citizenship_output_1",
        "format": "ldp_vc",
        "path": "$.verifiableCredential[2]"
      }
    ]
  }
}

{
  "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
  "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/",
  "applicant": "did:example:123",
  "manifest_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
  "application_id": "b6385066-147c-49d0-9783-261a2154b1fd",
  "denial": {
    "reason": "Input descriptors 1 and 3 use non-matching schemas.",
    "input_descriptors": ["id-1", "id-3"]
  }
}

§ Embed Targets

The following section details where the Credential Response is to be embedded within a target data structure, as well as how to formulate the JSONPath expressions to select the Claims within the target data structure.

§ Embed Locations

The following are the locations at which the credential_response object MUST be embedded for known target formats. For any location besides the top level of the embed target, the location is described in JSONPath syntax.

§ JSON Schema

The JSON Schema Draft 7 definition that summarizes the rules above for Credential Response can be found after the appendix here.

§ Input Evaluation

Input is evaluated from two perspectives: that of the Issuer, who creates a Credential Manifest and from that of the User Agent, who responds to a Manifest with a Credential Application.

A User Agent first processes a Credential Manifest in order to generate a valid Credential Application. If a Credential Manifest includes a presentation_definition property, the User Agent MUST include a valid Presentation Submission in the presentation_submission property of its corresponding Credential.

An Issuer MUST evaluate the input against the associated Credential Manifest. If the Credential Application contains a Presentation Submission, it MUST be processed as specified in Presentation Exchange: Input Evaluation.

§ Appendix

§ Embed Target Examples

§ Credential Manifest

eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsInR5cCI6IkpXVCJ9.eyJjcmVkZW50aWFsX21hbmlmZXN0Ijp7ImZvcm1hdCI6eyJqd3RfdmMiOnsiYWxnIjpbIkVkRFNBIl19fSwiaWQiOiIzMmY1NDE2My03MTY2LTQ4ZjEtOTNkOC1mZjIxN2JkYjA2NTMiLCJpc3N1ZXIiOnsiaWQiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmNzEyZWJjNmYxYzI3NmUxMmVjMjEifSwib3V0cHV0X2Rlc2NyaXB0b3JzIjpbeyJkZXNjcmlwdGlvbiI6ImRyaXZlcnMgbGljZW5zZSBjcmVkZW50aWFsIiwiaWQiOiJkcml2ZXJzX2xpY2Vuc2UiLCJzY2hlbWEiOiJodHRwczovL2V1LmNvbS9jbGFpbXMvRHJpdmVyc0xpY2Vuc2UifSx7ImRlc2NyaXB0aW9uIjoiZW1wbG95bWVudCBoaXN0b3J5IGNyZWRlbnRpYWwiLCJpZCI6ImVtcGxveW1lbnRfaGlzdG9yeSIsInNjaGVtYSI6Imh0dHBzOi8vYnVzaW5lc3Mtc3RhbmRhcmRzLm9yZy9zY2hlbWFzL2VtcGxveW1lbnQtaGlzdG9yeS5qc29uIn1dLCJwcmVzZW50YXRpb25fZGVmaW5pdGlvbiI6eyJpZCI6ImZmMjE3YmRiMDY1My0zMmY1NDE2My03MTY2LTQ4ZjEtOTNkOCIsImlucHV0X2Rlc2NyaXB0b3JzIjpbeyJjb25zdHJhaW50cyI6eyJmaWVsZHMiOlt7ImlkIjoibGljZW5zZV9zY2hlbWEiLCJwYXRoIjpbIiQuY3JlZGVudGlhbFNjaGVtYS5pZCJdfSx7ImlkIjoibGljZW5zZV9udW1iZXIiLCJwYXRoIjpbIiQuY3JlZGVudGlhbFN1YmplY3QubGljZW5zZU51bWJlciJdfSx7ImlkIjoibGljZW5zZV9zdGF0ZSIsInBhdGgiOlsiJC5jcmVkZW50aWFsU3ViamVjdC5saWNlbnNlU3RhdGUiXX1dfSwiaWQiOiJsaWNlbnNlX2lucHV0In0seyJjb25zdHJhaW50cyI6eyJmaWVsZHMiOlt7ImlkIjoiZW1wbG95bWVudF9zY2hlbWEiLCJwYXRoIjpbIiQuY3JlZGVudGlhbFNjaGVtYS5pZCJdfSx7ImlkIjoiZW1wbG95ZXJfbmFtZSIsInBhdGgiOlsiJC5jcmVkZW50aWFsU3ViamVjdC5lbXBsb3llck5hbWUiXX1dfSwiaWQiOiJlbXBsb3ltZW50X2lucHV0In1dLCJuYW1lIjoiUmVxdWlyZW1lbnRzIGZvciBhIG5ldyBsaWNlbnNlIGFuZCBlbXBsb3ltZW50IGhpc3RvcnkifSwic3BlY192ZXJzaW9uIjoiaHR0cHM6Ly9pZGVudGl0eS5mb3VuZGF0aW9uL2NyZWRlbnRpYWwtbWFuaWZlc3Qvc3BlYy92MS4wLjAvIn0sImlhdCI6MTY2NzUzMTc5NiwiaXNzIjoiZGlkOmV4YW1wbGU6ZWJmZWIxZjcxMmViYzZmMWMyNzZlMTJlYzIxIn0.PCrXyRHOglEBpDPcqCkNo8BSURcEVVgp0ukJGHzvhjeTTYHXB0V5Fu-G6jLx1JVMXcXHlwaDTXitxpnc9ULBBg

{
  "credential_application": {
    "format": {
      "jwt_vc": {
        "alg": [
          "EdDSA"
        ]
      }
    },
    "id": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d",
    "manifest_id": "WA-DL-CLASS-A",
    "presentation_submission": {
      "definition_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
      "descriptor_map": [
        {
          "format": "jwt_vc",
          "id": "input_1",
          "path": "$.verifiableCredential[0]"
        },
        {
          "format": "jwt_vc",
          "id": "input_2",
          "path": "$.verifiableCredential[1]"
        }
      ],
      "id": "a30e3b91-fb77-4d22-95fa-871689c322e2"
    },
    "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/"
  },
  "iat": 1667533138,
  "iss": "did:example:ebfeb1f712ebc6f1c276e12ec21",
  "verifiableCredentials": [
    "eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6ZXhhbXBsZToxMjMiLCJqdGkiOiJodHRwczovL2V1LmNvbS9jbGFpbXMvRHJpdmVyc0xpY2Vuc2UiLCJuYmYiOjE2Njc1MzMxMzgxNzAxNjYwMDAsInN1YiI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIl0sImlkIjoiaHR0cHM6Ly9ldS5jb20vY2xhaW1zL0RyaXZlcnNMaWNlbnNlIiwidHlwZSI6WyJFVURyaXZlcnNMaWNlbnNlIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOjEyMyIsImlzc3VhbmNlRGF0ZSI6IjIwMTAtMDEtMDFUMTk6NzM6MjRaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYWNjb3VudHMiOlt7ImlkIjoiMTIzNDU2Nzg5MCIsInJvdXRlIjoiREUtOTg3NjU0MzIxMCJ9LHsiaWQiOiIyNDU3OTEzNTcwIiwicm91dGUiOiJERS0wNzUzMTk3NTQyIn1dLCJpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJ9fX0.0Zs5pTrsndwqbrMVwSUUbL04u1lRM7knmCbAshXwPP1c_sPpqn9sBakPNOdAgD_AXLXPg8K0CZVl5mFdQ_eBDQ",
    "eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6Zm9vOjEyMyIsImp0aSI6Imh0dHBzOi8vYnVzaW5lc3Mtc3RhbmRhcmRzLm9yZy9zY2hlbWFzL2VtcGxveW1lbnQtaGlzdG9yeS5qc29uIiwibmJmIjoxNjY3NTMzMTM4MTcwMzcyMDAwLCJzdWIiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmNzEyZWJjNmYxYzI3NmUxMmVjMjEiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJpZCI6Imh0dHBzOi8vYnVzaW5lc3Mtc3RhbmRhcmRzLm9yZy9zY2hlbWFzL2VtcGxveW1lbnQtaGlzdG9yeS5qc29uIiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsIkdlbmVyaWNFbXBsb3ltZW50Q3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6Zm9vOjEyMyIsImlzc3VhbmNlRGF0ZSI6IjIwMTAtMDEtMDFUMTk6NzM6MjRaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYWN0aXZlIjp0cnVlLCJpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJ9fX0.VzSo1f2LaCuGkSDeiIXbQsONbRI_75LYCNHCSVwOkY05oGj6kgxagHUW-8Qii5BheWCcBh3EU8jYrfqnNtFMAQ"
  ]
}

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://identity.foundation/credential-manifest/application/v1"
  ],
  "type": [
    "VerifiablePresentation",
    "CredentialApplication"
  ],
  "credential_application": {
    "id": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d",
    "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/",
    "applicant": "did:example:123",
    "manifest_id": "WA-DL-CLASS-A",
    "format": {
      "ldp_vc": {
        "proof_type": [
          "JsonWebSignature2020",
          "EcdsaSecp256k1Signature2019"
        ]
      }
    },
    "presentation_submission": {
      "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
      "definition_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
      "descriptor_map": [
        {
          "id": "input_1",
          "format": "jwt_vc",
          "path": "$.verifiableCredential[0]"
        },
        {
          "id": "input_2",
          "format": "ldp_vc",
          "path": "$.verifiableCredential[1]"
        },
        {
          "id": "input_3",
          "format": "ldp_vc",
          "path": "$.verifiableCredential[2]"
        }
      ]
    }
  },
  "verifiableCredential": [
    {
      "comment": "IN REALWORLD VPs, THIS WILL BE A BIG UGLY OBJECT INSTEAD OF THE DECODED JWT PAYLOAD THAT FOLLOWS",
      "vc": {
        "@context": "https://www.w3.org/2018/credentials/v1",
        "id": "https://eu.com/claims/DriversLicense",
        "type": ["EUDriversLicense"],
        "issuer": "did:example:123",
        "issuanceDate": "2010-01-01T19:73:24Z",
        "credentialSubject": {
          "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
          "accounts": [
            {
              "id": "1234567890",
              "route": "DE-9876543210"
            },
            {
              "id": "2457913570",
              "route": "DE-0753197542"
            }
          ]
        }
      }
    },
    {
      "@context": "https://www.w3.org/2018/credentials/v1",
      "id": "https://business-standards.org/schemas/employment-history.json",
      "type": ["VerifiableCredential", "GenericEmploymentCredential"],
      "issuer": "did:foo:123",
      "issuanceDate": "2010-01-01T19:73:24Z",
      "credentialSubject": {
        "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
        "active": true
      },
      "proof": {
        "type": "EcdsaSecp256k1VerificationKey2019",
        "created": "2017-06-18T21:19:10Z",
        "proofPurpose": "assertionMethod",
        "verificationMethod": "https://example.edu/issuers/keys/1",
        "jws": "..."
      }
    },
    {
      "@context": "https://www.w3.org/2018/credentials/v1",
      "id": "https://eu.com/claims/DriversLicense",
      "type": ["EUDriversLicense"],
      "issuer": "did:foo:123",
      "issuanceDate": "2010-01-01T19:73:24Z",
      "credentialSubject": {
        "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
        "license": {
          "number": "34DGE352",
          "dob": "07/13/80"
        }
      },
      "proof": {
        "type": "RsaSignature2018",
        "created": "2017-06-18T21:19:10Z",
        "proofPurpose": "assertionMethod",
        "verificationMethod": "https://example.edu/issuers/keys/1",
        "jws": "..."
      }
    }
  ],
  "proof": {
    "type": "RsaSignature2018",
    "created": "2018-09-14T21:19:10Z",
    "proofPurpose": "authentication",
    "verificationMethod": "did:example:ebfeb1f712ebc6f1c276e12ec21#keys-1",
    "challenge": "1f44d55f-f161-4938-a659-f8026467f126",
    "domain": "4jt78h47fh47",
    "jws": "..."
  }
}

eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsInR5cCI6IkpXVCJ9.eyJjcmVkZW50aWFsX2FwcGxpY2F0aW9uIjp7ImZvcm1hdCI6eyJqd3RfdmMiOnsiYWxnIjpbIkVkRFNBIl19fSwiaWQiOiI5YjFkZWI0ZC0zYjdkLTRiYWQtOWJkZC0yYjBkN2IzZGNiNmQiLCJtYW5pZmVzdF9pZCI6IldBLURMLUNMQVNTLUEiLCJwcmVzZW50YXRpb25fc3VibWlzc2lvbiI6eyJkZWZpbml0aW9uX2lkIjoiMzJmNTQxNjMtNzE2Ni00OGYxLTkzZDgtZmYyMTdiZGIwNjUzIiwiZGVzY3JpcHRvcl9tYXAiOlt7ImZvcm1hdCI6Imp3dF92YyIsImlkIjoiaW5wdXRfMSIsInBhdGgiOiIkLnZlcmlmaWFibGVDcmVkZW50aWFsWzBdIn0seyJmb3JtYXQiOiJqd3RfdmMiLCJpZCI6ImlucHV0XzIiLCJwYXRoIjoiJC52ZXJpZmlhYmxlQ3JlZGVudGlhbFsxXSJ9XSwiaWQiOiJhMzBlM2I5MS1mYjc3LTRkMjItOTVmYS04NzE2ODljMzIyZTIifSwic3BlY192ZXJzaW9uIjoiaHR0cHM6Ly9pZGVudGl0eS5mb3VuZGF0aW9uL2NyZWRlbnRpYWwtbWFuaWZlc3Qvc3BlYy92MS4wLjAvIn0sImlhdCI6MTY2NzUzMzEzOCwiaXNzIjoiZGlkOmV4YW1wbGU6ZWJmZWIxZjcxMmViYzZmMWMyNzZlMTJlYzIxIiwidmVyaWZpYWJsZUNyZWRlbnRpYWxzIjpbImV5SmhiR2NpT2lKRlpFUlRRU0lzSW10cFpDSTZJbVJwWkRwbGVHRnRjR3hsT21WaVptVmlNV1kzTVRKbFltTTJaakZqTWpjMlpURXlaV015TVNJc0luUjVjQ0k2SWtwWFZDSjkuZXlKcGMzTWlPaUprYVdRNlpYaGhiWEJzWlRveE1qTWlMQ0pxZEdraU9pSm9kSFJ3Y3pvdkwyVjFMbU52YlM5amJHRnBiWE12UkhKcGRtVnljMHhwWTJWdWMyVWlMQ0p1WW1ZaU9qRTJOamMxTXpNeE16Z3hOekF4TmpZd01EQXNJbk4xWWlJNkltUnBaRHBsZUdGdGNHeGxPbVZpWm1WaU1XWTNNVEpsWW1NMlpqRmpNamMyWlRFeVpXTXlNU0lzSW5aaklqcDdJa0JqYjI1MFpYaDBJanBiSW1oMGRIQnpPaTh2ZDNkM0xuY3pMbTl5Wnk4eU1ERTRMMk55WldSbGJuUnBZV3h6TDNZeElsMHNJbWxrSWpvaWFIUjBjSE02THk5bGRTNWpiMjB2WTJ4aGFXMXpMMFJ5YVhabGNuTk1hV05sYm5ObElpd2lkSGx3WlNJNld5SkZWVVJ5YVhabGNuTk1hV05sYm5ObElsMHNJbWx6YzNWbGNpSTZJbVJwWkRwbGVHRnRjR3hsT2pFeU15SXNJbWx6YzNWaGJtTmxSR0YwWlNJNklqSXdNVEF0TURFdE1ERlVNVGs2TnpNNk1qUmFJaXdpWTNKbFpHVnVkR2xoYkZOMVltcGxZM1FpT25zaVlXTmpiM1Z1ZEhNaU9sdDdJbWxrSWpvaU1USXpORFUyTnpnNU1DSXNJbkp2ZFhSbElqb2lSRVV0T1RnM05qVTBNekl4TUNKOUxIc2lhV1FpT2lJeU5EVTNPVEV6TlRjd0lpd2ljbTkxZEdVaU9pSkVSUzB3TnpVek1UazNOVFF5SW4xZExDSnBaQ0k2SW1ScFpEcGxlR0Z0Y0d4bE9tVmlabVZpTVdZM01USmxZbU0yWmpGak1qYzJaVEV5WldNeU1TSjlmWDAuMFpzNXBUcnNuZHdxYnJNVndTVVViTDA0dTFsUk03a25tQ2JBc2hYd1BQMWNfc1BwcW45c0Jha1BOT2RBZ0RfQVhMWFBnOEswQ1pWbDVtRmRRX2VCRFEiLCJleUpoYkdjaU9pSkZaRVJUUVNJc0ltdHBaQ0k2SW1ScFpEcGxlR0Z0Y0d4bE9tVmlabVZpTVdZM01USmxZbU0yWmpGak1qYzJaVEV5WldNeU1TSXNJblI1Y0NJNklrcFhWQ0o5LmV5SnBjM01pT2lKa2FXUTZabTl2T2pFeU15SXNJbXAwYVNJNkltaDBkSEJ6T2k4dlluVnphVzVsYzNNdGMzUmhibVJoY21SekxtOXlaeTl6WTJobGJXRnpMMlZ0Y0d4dmVXMWxiblF0YUdsemRHOXllUzVxYzI5dUlpd2libUptSWpveE5qWTNOVE16TVRNNE1UY3dNemN5TURBd0xDSnpkV0lpT2lKa2FXUTZaWGhoYlhCc1pUcGxZbVpsWWpGbU56RXlaV0pqTm1ZeFl6STNObVV4TW1Wak1qRWlMQ0oyWXlJNmV5SkFZMjl1ZEdWNGRDSTZXeUpvZEhSd2N6b3ZMM2QzZHk1M015NXZjbWN2TWpBeE9DOWpjbVZrWlc1MGFXRnNjeTkyTVNKZExDSnBaQ0k2SW1oMGRIQnpPaTh2WW5WemFXNWxjM010YzNSaGJtUmhjbVJ6TG05eVp5OXpZMmhsYldGekwyVnRjR3h2ZVcxbGJuUXRhR2x6ZEc5eWVTNXFjMjl1SWl3aWRIbHdaU0k2V3lKV1pYSnBabWxoWW14bFEzSmxaR1Z1ZEdsaGJDSXNJa2RsYm1WeWFXTkZiWEJzYjNsdFpXNTBRM0psWkdWdWRHbGhiQ0pkTENKcGMzTjFaWElpT2lKa2FXUTZabTl2T2pFeU15SXNJbWx6YzNWaGJtTmxSR0YwWlNJNklqSXdNVEF0TURFdE1ERlVNVGs2TnpNNk1qUmFJaXdpWTNKbFpHVnVkR2xoYkZOMVltcGxZM1FpT25zaVlXTjBhWFpsSWpwMGNuVmxMQ0pwWkNJNkltUnBaRHBsZUdGdGNHeGxPbVZpWm1WaU1XWTNNVEpsWW1NMlpqRmpNamMyWlRFeVpXTXlNU0o5ZlgwLlZ6U28xZjJMYUN1R2tTRGVpSVhiUXNPTmJSSV83NUxZQ05IQ1NWd09rWTA1b0dqNmtneGFnSFVXLThRaWk1QmhlV0NjQmgzRVU4allyZnFuTnRGTUFRIl19.zyfAs5yD_N5W-6WSwRABuNtKaMQA0YImiAIOBU9fKV51KA4AORlvvA_3svWAsDZFK6ZvH-fKzF70k4OYS04vBQ

{
  "credential_application": {
    "id": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d",
    "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/",
    "applicant": "did:example:123",
    "manifest_id": "WA-DL-CLASS-A",
    "format": {
      "ldp_vc": {
        "proof_type": [
          "JsonWebSignature2020",
          "EcdsaSecp256k1Signature2019"
        ]
      }
    },
    "presentation_submission": {
      "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
      "definition_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
      "descriptor_map": [
        {
          "id": "input_1",
          "format": "jwt_vc",
          "path": "$.verifiableCredential[0]"
        },
        {
          "id": "input_2",
          "format": "ldp_vc",
          "path": "$.verifiableCredential[1]"
        },
        {
          "id": "input_3",
          "format": "ldp_vc",
          "path": "$.verifiableCredential[2]"
        }
      ]
    }
  },
  "verifiableCredential": [
    {
      "comment": "IN REALWORLD VPs, THIS WILL BE A BIG UGLY OBJECT INSTEAD OF THE DECODED JWT PAYLOAD THAT FOLLOWS",
      "vc": {
        "@context": "https://www.w3.org/2018/credentials/v1",
        "id": "https://eu.com/claims/DriversLicense",
        "type": ["EUDriversLicense"],
        "issuer": "did:example:123",
        "issuanceDate": "2010-01-01T19:73:24Z",
        "credentialSubject": {
          "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
          "accounts": [
            {
              "id": "1234567890",
              "route": "DE-9876543210"
            },
            {
              "id": "2457913570",
              "route": "DE-0753197542"
            }
          ]
        }
      }
    },
    {
      "@context": "https://www.w3.org/2018/credentials/v1",
      "id": "https://business-standards.org/schemas/employment-history.json",
      "type": ["VerifiableCredential", "GenericEmploymentCredential"],
      "issuer": "did:foo:123",
      "issuanceDate": "2010-01-01T19:73:24Z",
      "credentialSubject": {
        "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
        "active": true
      },
      "proof": {
        "type": "EcdsaSecp256k1VerificationKey2019",
        "created": "2017-06-18T21:19:10Z",
        "proofPurpose": "assertionMethod",
        "verificationMethod": "https://example.edu/issuers/keys/1",
        "jws": "..."
      }
    },
    {
      "@context": "https://www.w3.org/2018/credentials/v1",
      "id": "https://eu.com/claims/DriversLicense",
      "type": ["EUDriversLicense"],
      "issuer": "did:foo:123",
      "issuanceDate": "2010-01-01T19:73:24Z",
      "credentialSubject": {
        "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
        "license": {
          "number": "34DGE352",
          "dob": "07/13/80"
        }
      },
      "proof": {
        "type": "RsaSignature2018",
        "created": "2017-06-18T21:19:10Z",
        "proofPurpose": "assertionMethod",
        "verificationMethod": "https://example.edu/issuers/keys/1",
        "jws": "..."
      }
    }
  ]
}

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://identity.foundation/credential-manifest/response/v1"
  ],
  "type": [
    "VerifiablePresentation",
    "CredentialResponse"
  ],
  "credential_response": {
    "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
    "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/",
    "applicant": "did:example:123",
    "manifest_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "application_id": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d",
    "fulfillment": {
      "descriptor_map": [
        {
          "id": "banking_output_2",
          "format": "jwt_vc",
          "path": "$.verifiableCredential[0]"
        },
        {
          "id": "employment_output",
          "format": "ldp_vc",
          "path": "$.verifiableCredential[1]"
        },
        {
          "id": "citizenship_output_1",
          "format": "ldp_vc",
          "path": "$.verifiableCredential[2]"
        }
      ]
    }
  },
  "verifiableCredential": [
    {
      "comment": "IN REALWORLD VPs, THIS WILL BE A BIG UGLY OBJECT INSTEAD OF THE DECODED JWT PAYLOAD THAT FOLLOWS",
      "vc": {
        "@context": "https://www.w3.org/2018/credentials/v1",
        "id": "https://eu.com/claims/DriversLicense",
        "type": [
          "EUDriversLicense"
        ],
        "issuer": "did:example:123",
        "issuanceDate": "2010-01-01T19:73:24Z",
        "credentialSubject": {
          "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
          "accounts": [
            {
              "id": "1234567890",
              "route": "DE-9876543210"
            },
            {
              "id": "2457913570",
              "route": "DE-0753197542"
            }
          ]
        }
      }
    },
    {
      "@context": "https://www.w3.org/2018/credentials/v1",
      "id": "https://business-standards.org/schemas/employment-history.json",
      "type": [
        "VerifiableCredential",
        "GenericEmploymentCredential"
      ],
      "issuer": "did:foo:123",
      "issuanceDate": "2010-01-01T19:73:24Z",
      "credentialSubject": {
        "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
        "active": true
      },
      "proof": {
        "type": "EcdsaSecp256k1VerificationKey2019",
        "created": "2017-06-18T21:19:10Z",
        "proofPurpose": "assertionMethod",
        "verificationMethod": "https://example.edu/issuers/keys/1",
        "jws": "..."
      }
    },
    {
      "@context": "https://www.w3.org/2018/credentials/v1",
      "id": "https://eu.com/claims/DriversLicense",
      "type": [
        "EUDriversLicense"
      ],
      "issuer": "did:foo:123",
      "issuanceDate": "2010-01-01T19:73:24Z",
      "credentialSubject": {
        "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
        "license": {
          "number": "34DGE352",
          "dob": "07/13/80"
        }
      },
      "proof": {
        "type": "RsaSignature2018",
        "created": "2017-06-18T21:19:10Z",
        "proofPurpose": "assertionMethod",
        "verificationMethod": "https://example.edu/issuers/keys/1",
        "jws": "..."
      }
    }
  ],
  "proof": {
    "type": "RsaSignature2018",
    "created": "2018-09-14T21:19:10Z",
    "proofPurpose": "authentication",
    "verificationMethod": "did:example:ebfeb1f712ebc6f1c276e12ec21#keys-1",
    "challenge": "1f44d55f-f161-4938-a659-f8026467f126",
    "domain": "4jt78h47fh47",
    "jws": "..."
  }
}

eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsInR5cCI6IkpXVCJ9.eyJjcmVkZW50aWFsX3Jlc3BvbnNlIjp7ImFwcGxpY2F0aW9uX2lkIjoiOWIxZGViNGQtM2I3ZC00YmFkLTliZGQtMmIwZDdiM2RjYjZkIiwiZnVsZmlsbG1lbnQiOnsiZGVzY3JpcHRvcl9tYXAiOlt7ImZvcm1hdCI6Imp3dF92YyIsImlkIjoibGljZW5zZV9vdXRwdXQiLCJwYXRoIjoiJC52ZXJpZmlhYmxlQ3JlZGVudGlhbFswXSJ9LHsiZm9ybWF0Ijoiand0X3ZjIiwiaWQiOiJlbXBsb3ltZW50X291dHB1dCIsInBhdGgiOiIkLnZlcmlmaWFibGVDcmVkZW50aWFsWzFdIn1dfSwiaWQiOiJhMzBlM2I5MS1mYjc3LTRkMjItOTVmYS04NzE2ODljMzIyZTIiLCJtYW5pZmVzdF9pZCI6IjMyZjU0MTYzLTcxNjYtNDhmMS05M2Q4LWZmMjE3YmRiMDY1MyIsInNwZWNfdmVyc2lvbiI6Imh0dHBzOi8vaWRlbnRpdHkuZm91bmRhdGlvbi9jcmVkZW50aWFsLW1hbmlmZXN0L3NwZWMvdjEuMC4wLyJ9LCJpYXQiOjE2Njc1MzM2MTUsImlzcyI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsInZlcmlmaWFibGVDcmVkZW50aWFscyI6WyJleUpoYkdjaU9pSkZaRVJUUVNJc0ltdHBaQ0k2SW1ScFpEcGxlR0Z0Y0d4bE9tVmlabVZpTVdZM01USmxZbU0yWmpGak1qYzJaVEV5WldNeU1TSXNJblI1Y0NJNklrcFhWQ0o5LmV5SnBjM01pT2lKa2FXUTZaWGhoYlhCc1pUb3hNak1pTENKcWRHa2lPaUpvZEhSd2N6b3ZMMlYxTG1OdmJTOWpiR0ZwYlhNdlJISnBkbVZ5YzB4cFkyVnVjMlVpTENKdVltWWlPakUyTmpjMU16TTJNVFV6TURVMk16a3dNREFzSW5OMVlpSTZJbVJwWkRwbGVHRnRjR3hsT21WaVptVmlNV1kzTVRKbFltTTJaakZqTWpjMlpURXlaV015TVNJc0luWmpJanA3SWtCamIyNTBaWGgwSWpwYkltaDBkSEJ6T2k4dmQzZDNMbmN6TG05eVp5OHlNREU0TDJOeVpXUmxiblJwWVd4ekwzWXhJbDBzSW1sa0lqb2lhSFIwY0hNNkx5OWxkUzVqYjIwdlkyeGhhVzF6TDBSeWFYWmxjbk5NYVdObGJuTmxJaXdpZEhsd1pTSTZXeUpGVlVSeWFYWmxjbk5NYVdObGJuTmxJbDBzSW1semMzVmxjaUk2SW1ScFpEcGxlR0Z0Y0d4bE9qRXlNeUlzSW1semMzVmhibU5sUkdGMFpTSTZJakl3TVRBdE1ERXRNREZVTVRrNk56TTZNalJhSWl3aVkzSmxaR1Z1ZEdsaGJGTjFZbXBsWTNRaU9uc2lZV05qYjNWdWRITWlPbHQ3SW1sa0lqb2lNVEl6TkRVMk56ZzVNQ0lzSW5KdmRYUmxJam9pUkVVdE9UZzNOalUwTXpJeE1DSjlMSHNpYVdRaU9pSXlORFUzT1RFek5UY3dJaXdpY205MWRHVWlPaUpFUlMwd056VXpNVGszTlRReUluMWRMQ0pwWkNJNkltUnBaRHBsZUdGdGNHeGxPbVZpWm1WaU1XWTNNVEpsWW1NMlpqRmpNamMyWlRFeVpXTXlNU0o5ZlgwLlJkS2E1NldDT0V2SlFxNnp0QmhEZHJDUlNtLXpYeWFBbnlWTVJsclcwV1RsdkUyMjV3OHVuZDl2U2g2V1h6cGVxQnpXemhlMzBRc3kwekd3dzZkcUNRIiwiZXlKaGJHY2lPaUpGWkVSVFFTSXNJbXRwWkNJNkltUnBaRHBsZUdGdGNHeGxPbVZpWm1WaU1XWTNNVEpsWW1NMlpqRmpNamMyWlRFeVpXTXlNU0lzSW5SNWNDSTZJa3BYVkNKOS5leUpwYzNNaU9pSmthV1E2Wm05dk9qRXlNeUlzSW1wMGFTSTZJbWgwZEhCek9pOHZZblZ6YVc1bGMzTXRjM1JoYm1SaGNtUnpMbTl5Wnk5elkyaGxiV0Z6TDJWdGNHeHZlVzFsYm5RdGFHbHpkRzl5ZVM1cWMyOXVJaXdpYm1KbUlqb3hOalkzTlRNek5qRTFNekExTnpneU1EQXdMQ0p6ZFdJaU9pSmthV1E2WlhoaGJYQnNaVHBsWW1abFlqRm1OekV5WldKak5tWXhZekkzTm1VeE1tVmpNakVpTENKMll5STZleUpBWTI5dWRHVjRkQ0k2V3lKb2RIUndjem92TDNkM2R5NTNNeTV2Y21jdk1qQXhPQzlqY21Wa1pXNTBhV0ZzY3k5Mk1TSmRMQ0pwWkNJNkltaDBkSEJ6T2k4dlluVnphVzVsYzNNdGMzUmhibVJoY21SekxtOXlaeTl6WTJobGJXRnpMMlZ0Y0d4dmVXMWxiblF0YUdsemRHOXllUzVxYzI5dUlpd2lkSGx3WlNJNld5SldaWEpwWm1saFlteGxRM0psWkdWdWRHbGhiQ0lzSWtkbGJtVnlhV05GYlhCc2IzbHRaVzUwUTNKbFpHVnVkR2xoYkNKZExDSnBjM04xWlhJaU9pSmthV1E2Wm05dk9qRXlNeUlzSW1semMzVmhibU5sUkdGMFpTSTZJakl3TVRBdE1ERXRNREZVTVRrNk56TTZNalJhSWl3aVkzSmxaR1Z1ZEdsaGJGTjFZbXBsWTNRaU9uc2lZV04wYVhabElqcDBjblZsTENKcFpDSTZJbVJwWkRwbGVHRnRjR3hsT21WaVptVmlNV1kzTVRKbFltTTJaakZqTWpjMlpURXlaV015TVNKOWZYMC4ycFNKNllKb0hlUDlNbkNDTzhiV25GelBrbEZiUFQwS05kRHR6UGd1NGRONG9paTV3MkZEOG1mblVjWnl5MDJMaTdwVjhsUTdOMG9QdHBVcXlGODVEUSJdfQ.n2k0Na7lHaAVGiJof4xB1s5Z8aUS5UIvwtqGrb1MEa6o2OMdetMCtMODlYc__EnfH8J-ADT6k5mLsnI4vlT4DQ

{
  "credential_response": {
    "application_id": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d",
    "applicant": "did:example:123",
    "fulfillment": {
      "descriptor_map": [
        {
          "format": "jwt_vc",
          "id": "license_output",
          "path": "$.verifiableCredential[0]"
        },
        {
          "format": "jwt_vc",
          "id": "employment_output",
          "path": "$.verifiableCredential[1]"
        }
      ]
    },
    "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
    "manifest_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/"
  },
  "iat": 1667533615,
  "iss": "did:example:ebfeb1f712ebc6f1c276e12ec21",
  "verifiableCredentials": [
    "eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6ZXhhbXBsZToxMjMiLCJqdGkiOiJodHRwczovL2V1LmNvbS9jbGFpbXMvRHJpdmVyc0xpY2Vuc2UiLCJuYmYiOjE2Njc1MzM2MTUzMDU2MzkwMDAsInN1YiI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsInZjIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIl0sImlkIjoiaHR0cHM6Ly9ldS5jb20vY2xhaW1zL0RyaXZlcnNMaWNlbnNlIiwidHlwZSI6WyJFVURyaXZlcnNMaWNlbnNlIl0sImlzc3VlciI6ImRpZDpleGFtcGxlOjEyMyIsImlzc3VhbmNlRGF0ZSI6IjIwMTAtMDEtMDFUMTk6NzM6MjRaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYWNjb3VudHMiOlt7ImlkIjoiMTIzNDU2Nzg5MCIsInJvdXRlIjoiREUtOTg3NjU0MzIxMCJ9LHsiaWQiOiIyNDU3OTEzNTcwIiwicm91dGUiOiJERS0wNzUzMTk3NTQyIn1dLCJpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJ9fX0.RdKa56WCOEvJQq6ztBhDdrCRSm-zXyaAnyVMRlrW0WTlvE225w8und9vSh6WXzpeqBzWzhe30Qsy0zGww6dqCQ",
    "eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6Zm9vOjEyMyIsImp0aSI6Imh0dHBzOi8vYnVzaW5lc3Mtc3RhbmRhcmRzLm9yZy9zY2hlbWFzL2VtcGxveW1lbnQtaGlzdG9yeS5qc29uIiwibmJmIjoxNjY3NTMzNjE1MzA1NzgyMDAwLCJzdWIiOiJkaWQ6ZXhhbXBsZTplYmZlYjFmNzEyZWJjNmYxYzI3NmUxMmVjMjEiLCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJpZCI6Imh0dHBzOi8vYnVzaW5lc3Mtc3RhbmRhcmRzLm9yZy9zY2hlbWFzL2VtcGxveW1lbnQtaGlzdG9yeS5qc29uIiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsIkdlbmVyaWNFbXBsb3ltZW50Q3JlZGVudGlhbCJdLCJpc3N1ZXIiOiJkaWQ6Zm9vOjEyMyIsImlzc3VhbmNlRGF0ZSI6IjIwMTAtMDEtMDFUMTk6NzM6MjRaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYWN0aXZlIjp0cnVlLCJpZCI6ImRpZDpleGFtcGxlOmViZmViMWY3MTJlYmM2ZjFjMjc2ZTEyZWMyMSJ9fX0.2pSJ6YJoHeP9MnCCO8bWnFzPklFbPT0KNdDtzPgu4dN4oii5w2FD8mfnUcZyy02Li7pV8lQ7N0oPtpUqyF85DQ"
  ]
}

{
  "$schema": "http://json-schema.org/draft-07/schema",
  "title": "Credential Manifest",
  "type": "object",
  "properties": {
    "id": {
      "type": "string"
    },
    "name": {
      "type": "string"
    },
    "description": {
      "type": "string"
    },
    "spec_version": {
      "type": "string"
    },
    "issuer": {
      "type": "object",
      "required": [
        "id"
      ],
      "properties": {
        "id": {
          "type": "string"
        },
        "name": {
          "type": "string"
        },
        "styles": {
          "$ref": "https://identity.foundation/wallet-rendering/schemas/entity-styles.json"
        }
      },
      "additionalProperties": false
    },
    "output_descriptors": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "id",
          "schema"
        ],
        "properties": {
          "id": {
            "type": "string"
          },
          "name": {
            "type": "string"
          },
          "description": {
            "type": "string"
          },
          "schema": {
            "type": "string"
          },
          "display": {
            "type": "object",
            "properties": {
              "title": {
                "$ref": "https://identity.foundation/wallet-rendering/schemas/display-mapping-object.json"
              },
              "subtitle": {
                "$ref": "https://identity.foundation/wallet-rendering/schemas/display-mapping-object.json"
              },
              "description": {
                "$ref": "https://identity.foundation/wallet-rendering/schemas/display-mapping-object.json"
              },
              "properties": {
                "type": "array",
                "items": {
                  "$ref": "https://identity.foundation/wallet-rendering/schemas/labeled-display-mapping-object.json"
                }
              }
            },
            "additionalProperties": false
          },
          "styles": {
            "$ref": "https://identity.foundation/wallet-rendering/schemas/entity-styles.json"
          }
        },
        "additionalProperties": false
      }
    },
    "presentation_definition": {
      "$ref": "https://identity.foundation/presentation-exchange/schemas/presentation-definition.json"
    },
    "format": {
      "$ref": "https://identity.foundation/claim-format-registry/schemas/presentation-definition-claim-format-designations.json"
    }
  },
  "required": [
    "id",
    "spec_version",
    "issuer",
    "output_descriptors"
  ],
  "additionalProperties": false
}

{
  "$schema": "http://json-schema.org/draft-07/schema",
  "title": "Output Descriptors",
  "type": "object",
  "properties": {
    "output_descriptors": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "id": { "type": "string" },
          "name": { "type": "string" },
          "description": { "type": "string" },
          "schema": { "type": "string" },
          "display": {
            "type": "object",
            "properties": {
              "title": {
                "$ref": "https://identity.foundation/wallet-rendering/schemas/display-mapping-object.json"
              },
              "subtitle": {
                "$ref": "https://identity.foundation/wallet-rendering/schemas/display-mapping-object.json"
              },
              "description": {
                "$ref": "https://identity.foundation/wallet-rendering/schemas/display-mapping-object.json"
              },
              "properties": {
                "type": "array",
                "items": {
                  "$ref": "https://identity.foundation/wallet-rendering/schemas/labeled-display-mapping-object.json"
                }
              }
            },
            "additionalProperties": false
          },
          "styles": {
            "$ref": "https://identity.foundation/wallet-rendering/schemas/entity-styles.json"
          }
        },
        "required": ["id", "schema"],
        "additionalProperties": false
      }
    }
  },
  "required": ["output_descriptors"],
  "additionalProperties": false
}

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "title": "Credential Application",
  "type": "object",
  "properties": {
    "id": { "type": "string" },
    "spec_version": { "type" : "string" },
    "manifest_id": { "type": "string" },
    "applicant": { "type": "string" },
    "format": {
      "type": "object",
      "patternProperties": {
        "^jwt$|^jwt_vc$|^jwt_vp$": {
          "type": "object",
          "properties": {
            "alg": {
              "type": "array",
              "minItems": 1,
              "items": { "type": "string" }
            }
          },
          "required": ["alg"],
          "additionalProperties": false
        },
        "^ldp_vc$|^ldp_vp$|^ldp$": {
          "type": "object",
          "properties": {
            "proof_type": {
              "type": "array",
              "minItems": 1,
              "items": { "type": "string" }
            }
          },
          "required": ["proof_type"],
          "additionalProperties": false
        }
      },
      "additionalProperties": false
    },
    "presentation_submission": {
      "type": "object",
      "properties": {
        "id": { "type": "string" },
        "definition_id": { "type": "string" },
        "descriptor_map": {
          "type": "array",
          "items": { "$ref": "#/definitions/descriptor" }
        }
      },
      "required": ["id", "definition_id", "descriptor_map"],
      "additionalProperties": false
    }
  },
  "definitions": {
    "descriptor": {
      "type": "object",
      "properties": {
        "id": { "type": "string" },
        "path": { "type": "string" },
        "path_nested": {
          "type": "object",
          "$ref": "#/definitions/descriptor"
        },
        "format": {
          "type": "string",
          "enum": ["jwt", "jwt_vc", "jwt_vp", "ldp", "ldp_vc", "ldp_vp"]
        }
      },
      "required": ["id", "path", "format"],
      "additionalProperties": false
    }
  },
  "required": ["id", "spec_version", "manifest_id", "format"],
  "additionalProperties": false
}

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "title": "Credential Response",
  "type": "object",
  "properties": {    
    "id": { "type": "string" },
    "spec_version": { "type" : "string" },
    "applicant": { "type": "string" },
    "manifest_id": { "type": "string" },
    "application_id": { "type": "string" },
    "fulfillment": {
      "type": "object",
      "properties": {
        "descriptor_map": {
          "type": "array",
          "items": { "$ref": "#/definitions/descriptor" }
        }
      },
      "required": ["descriptor_map"],
      "additionalProperties": false
    },
    "denial": {
      "type": "object",
      "properties": {
        "reason": { "type": "string" },
        "input_descriptors": {
          "type": "array",
          "minItems": 1,
          "items": { "type": "string" }
        }
      },
      "required": ["reason"],
      "additionalProperties": false
    }
  },
  "oneOf": [
    {
      "required": ["fulfillment"]
    },
    {
      "required": ["denial"] 
    }
  ],
  "definitions": {
    "descriptor": {
      "type": "object",
      "properties": {
        "id": { "type": "string" },
        "path": { "type": "string" },
        "path_nested": {
          "type": "object",
            "$ref": "#/definitions/descriptor"
        },
        "format": {
          "type": "string",
          "enum": ["jwt", "jwt_vc", "jwt_vp", "ldp", "ldp_vc", "ldp_vp"]
        }
      },
      "required": ["id", "path", "format"],
      "additionalProperties": false
    }
  },
  "required": ["id", "spec_version", "manifest_id"],
  "additionalProperties": false
}