Skip to content

Verifiable Credentials

Verifiable Credentials (VCs) are tamper-evident digital credentials that allow anyone to verify information about a subject (such as a user) without contacting the credential issuer directly. Asgardeo supports issuing verifiable credentials to digital wallets using the OpenID for Verifiable Credential Issuance (OID4VCI) standard.

Why verifiable credentials?

Traditional identity verification often requires real-time communication with the credential issuer or centralized databases. Verifiable credentials solve this by enabling a decentralized trust model:

  • Decentralized trust — Verifiers can check credential authenticity using cryptographic proofs without contacting the issuer.
  • User control — Holders store credentials in their own digital wallets and choose when and with whom to share them.
  • Selective disclosure — With formats like Selective Disclosure JSON Web Token, holders can reveal only specific claims (e.g., prove their age without disclosing their full date of birth).
  • Standards-based — Built on open standards (OID4VCI, W3C Verifiable Credentials), ensuring interoperability across different systems and wallets.

Common use cases

Verifiable credentials enable a wide range of real-world identity and trust scenarios:

  • Authentication — Users can authenticate to applications by presenting a verifiable credential from their wallet instead of using passwords or traditional identity providers. The verifier validates the cryptographic proof without contacting the issuer.

  • Identity verification — Organizations can issue credentials representing verified identity attributes (e.g., government ID, employee status, age verification) that users can present on demand—eliminating repeated identity checks across different services.

  • Digital signatures — Credentials can carry cryptographically signed claims that act as tamper-proof attestations, enabling use cases such as signing documents, authorizing transactions, or attesting to qualifications.

How it works

The verifiable credentials model involves three parties:

  • Issuer — The organization that creates and signs the credential. Asgardeo acts as the issuer.
  • Holder — The user who receives the credential in their digital wallet and presents it when needed.
  • Verifier — The party that checks the credential's authenticity and reads its claims.

Verifiable credentials trust triangle showing the Issuer, Holder, and Verifier roles

Asgardeo uses the OID4VCI protocol to issue credentials to any conformant digital wallet. The wallet receives a credential offer, the user authenticates, and Asgardeo delivers a cryptographically signed credential.

What you can do

Use the guides in this section to issue verifiable credentials from Asgardeo to standards-compliant digital wallets.