Credential Revocation Integration

This document outlines the process for updating the status of a verifiable credential, covering possible states, update mechanisms, and compliance considerations.

Gataca currently supports multiple credential revocation protocols, with the following mechanisms being the most notable. These mechanisms continue to evolve, and Gataca ensures backward compatibility with previous revocation methods. The revocation mechanism used depends on when the credential was issued. Currently Gataca uses Verifiable Credential Status List 2021.

It is not necessary to explicitly determine the revocation mechanism of a credential, as Gataca manages this process. The issuer only needs to integrate with the Gataca API call described below.

These are the revocation mechanisms supported by Gataca:

To update the status of a credential, the issuer must execute the following API call.

Request Example

http

PATCH /admin/v1/credentials/[CREDENTIAL-ID]
Host: certify.gataca.io
Authorization: jwt [ACCESS-TOKEN]
Content-Type: application/json

{
    "status": "[CREDENTIAL-STATUS]"
}

CREDENTIAL-ID : Credential identifier. This identifier represents a credential, which will change its status after this call.
ACCESS-TOKEN: Access token received from the authentication request (This authentication must be executed by an application linked to the tenant selected into the authentication request).
CREDENTIAL-STATUS: Credential status identifier. In this case, only 3 different states can be assigned: REVOKED, SUSPENDED and ISSUED .

Details: Swagger

Response Example

http

HTTP/1.1 200 OK
Content-Type: application/json

{
    "message": "SUCCESS"
}

Credential statuses

ISSUED: This is the default status when a verifiable credential is issued. It indicates that the credential is valid.
SUSPENDED: This is a temporary revocation, meaning the credential is currently not valid. However, it can be reinstated to the Issued status, restoring its validity.
REVOKED: This is a permanent status. Once revoked, the credential is no longer valid and cannot be reinstated.

This diagram illustrates the status flow, explaining how a credential’s status can be modified.

PreviousSSI Issuance Integration NextSSI Verification Integration

Last updated 1 month ago

Credential Revocation Integration

This document outlines the process for updating the status of a verifiable credential, covering possible states, update mechanisms, and compliance considerations.

It is not necessary to explicitly determine the revocation mechanism of a credential, as Gataca manages this process. The issuer only needs to integrate with the Gataca API call described below.

These are the revocation mechanisms supported by Gataca:

To update the status of a credential, the issuer must execute the following API call.

Request Example

http

PATCH /admin/v1/credentials/[CREDENTIAL-ID]
Host: certify.gataca.io
Authorization: jwt [ACCESS-TOKEN]
Content-Type: application/json

{
    "status": "[CREDENTIAL-STATUS]"
}

CREDENTIAL-ID : Credential identifier. This identifier represents a credential, which will change its status after this call.
ACCESS-TOKEN: Access token received from the authentication request (This authentication must be executed by an application linked to the tenant selected into the authentication request).
CREDENTIAL-STATUS: Credential status identifier. In this case, only 3 different states can be assigned: REVOKED, SUSPENDED and ISSUED .

Details: Swagger

Response Example

http

HTTP/1.1 200 OK
Content-Type: application/json

{
    "message": "SUCCESS"
}

Credential statuses

ISSUED: This is the default status when a verifiable credential is issued. It indicates that the credential is valid.
SUSPENDED: This is a temporary revocation, meaning the credential is currently not valid. However, it can be reinstated to the Issued status, restoring its validity.
REVOKED: This is a permanent status. Once revoked, the credential is no longer valid and cannot be reinstated.

This diagram illustrates the status flow, explaining how a credential’s status can be modified.

PreviousSSI Issuance Integration NextSSI Verification Integration

Last updated 1 month ago