# Verify Credentials

Verification templates define identity verification requirements that can be integrated into various applications.&#x20;

{% hint style="info" %}
A verification template outlines the entire verification process, including:

* **Required Verification Credentials:** Specifies the credentials users must share to enable successful authentication.
* **Level of Trust:** Determines the legitimacy of the credentials needed.
* **Additional Security Requirements:** Specifies any extra security measures, such as two-factor authentication (2FA), that users must comply with.
  {% endhint %}

Once the verification process is implemented, users simply scan a QR code on your website, consent to sharing the required data for identity verification, and gain access.

## Create a Verification Template <a href="#id-1.-create-a-verification-template" id="id-1.-create-a-verification-template"></a>

To create a new verification template, navigate to the main dashboard or click **Create Template** in the **Verification** section.

### Step 1: Configuration

<figure><img src="/files/bQRYefd0YumLl1SYJpqy" alt=""><figcaption></figcaption></figure>

**Verification Template Identifier**\
The first step is to name your verification template. This name will be associated with the verification process and will serve as the primary reference throughout the platform.

**DID** \
Choose the DID (Decentralized Identifier) you want to use as the Verifier. By default, a DID named “My DID” is pre-created for you and can be selected for your first verification template. If needed, you can create another DID.&#x20;

{% hint style="info" %}
[**Jump to the tutorial on creating DIDs**](/developers/platform-tutorials/self-sovereign-identity/create-and-register-dids.md)
{% endhint %}

**QR Code Viewing Duration**\
Set the duration (in seconds) that the QR code will be visible for users to scan. Once this time elapses, the QR code will expire, and users will need to reload the page to generate a new one. Each QR code has a unique session ID to ensure secure, one-time use.

**Consent Duration**\
Specify how long (in days) your organization will store and process the data shared by users. Ensure compliance with local data protection regulations, such as GDPR, which mandates minimizing the retention period for personal data.

When the consent duration has been reached, the user data will be deleted from your Studio account.

**Service Description**\
Briefly describe the service for which the user is requesting access.

### Step 2: Request&#x20;

Define which verifiable credentials are required for user verification.&#x20;

<figure><img src="/files/maZWc7mjtHnIariEL9WT" alt=""><figcaption></figcaption></figure>

**1. Select data to request**

You can scroll through the list or use the search bar to select the necessary credentials. If no additional information is required, select “ID Only.”

{% hint style="danger" %}
Users must have these credentials in their wallets before requesting access to your services.
{% endhint %}

**2. Requested data settings**

Specify which credentials are essential (required) and which are nice-to-have information (optional). Required credentials are necessary to complete the credential issuance, while optional credentials provide additional, non-essential information.

By default they are marked as optional.

**3. Requested data advanced settings (optional)**

* **Level of trust**

When requesting credentials from users, decide if they need to meet a specific level of trust.

The level of trust reflects how reliable the credential is and how confident you can be that the person presenting it is who they claim to be. This confidence is based on the [trust framework ](https://docs.gataca.io/studio/getting-started/basics#terminology)in place.

This level, based on standards set by Gataca, is related to the eIDAS regulation’s levels of assurance.

{% hint style="danger" %}
Trusted Credentials are issued by entities that are listed in the Gataca's Public Issuer Registry. To register your DID in a Trusted Registry, submit a ticket.
{% endhint %}

* **Purpose**

You can define the reason or intended use for requesting this credential. This helps clarify the context for both the issuer and the recipient.

* **Security configuration**

Set up any additional security measures users must complete before receiving the issued credential, such as two-factor authentication (2FA) via biometrics, OTPs (one-time passwords), or in-app authentication.

### Successful Configuration

Once you've configured the verification template, you’ll see a confirmation that the process has been successfully created. You can now test your template using our sandbox or can integrate your template with your system. &#x20;

We recommend testing your templates in the sandbox before integrating it with your system. This allows you to experience the user process firsthand and ensures everything works as expected before going live.

<figure><img src="/files/iH95P5UDSI9k5sGpallu" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.gataca.io/developers/platform-tutorials/self-sovereign-identity/verify-credentials.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.