I can request the issuance of the VC but Authenticator doesn't request the user to Present a verifiable credential in order to issue one, thus the issuance of the VC doesn't get authorized.
Meaning in my case I need the Authenticator to request the VerifiedCredentialExpert VC first but I don't see how to trigger this on Authenticator, I tried this on issuance_request_config.json file, I also tried adding requestedCredentials to type VerifiedCredentialExpert as you see below to suggest to Authenticator to get this first, but didn't change the error behaviour:
"callback": {
//In this sample code we will overwrite the callback and use the HOSTNAME dynamicall
//make sure you use ngrok or something like that when running on a local devbox.
//The MS AAD VC Request service needs to be able to reach the callback URI
"url": "https://YOURPUBLICREACHABLEHOSTNAME/api/issuer/issuanceCallback",
"state": "STATEWILLBESETINCODE",
"headers": {
"api-key": "OPTIONAL API-KEY for ISSUANCE CALLBACK API"
}
},
//The Authority is the DID from your MS AAD Verifiable Credential service, you can copy this from the VC page in azure portal
"authority": "did:ion: THIS IS YOUR DID FROM THE VC PAGE IN AZURE PORTAL WHICH IS SET IN THE SAMPLE BY COPYING THE VALUE FROM APPSETTINGS.JSON ",
"registration": {
"clientName": "Verifiable Test Register Verifiable Credential"
},
//The type needs to be the same as defined in the rules json definitione. The manifest can be copied after the credential has been
//created in the azure portal
"type": "VerifiedTestRegistration",
"manifest": "CREDENTIAL URL IN THIS SAMPLE WILL BE COPIED FROM APPSETTINGS.JSON",
//Recommendation is to protect issuance payload with a PIN code.
//The pincode is set to a random value in code and will be displayed in the UI to the user
"pin": {
"value": "123456",
"length": 4
},
//This is an example payload which will be used in the rules file of the credential.
//The rules files maps information from the ID Token (hint) to the VC
"claims": {
"country_of_registry": "",
"registration_number": "",
},
//You can request multiple verifiable credentials at once that's whty the requestCredentials is an array
"requestedCredentials": [
{
"type": "VerifiedCredentialExpert",
"purpose": "Required presentation of verifiable credentials expert to get Test Registration card.",
//You can trust multiple issuers who might be issuing the same credential type (for example certifications or diplomas)
//You need to specify at least 1 trusted issuer DID, for this sample code we copy the IssuerAuthority from appsettings to the request
//"acceptedIssuers": [ "did:ion: copied from your VC portal in this sample the code copies it from APPSETTINGS.JSON" ]
"acceptedIssuers": [ "theaccepetedidissuer" ]
}
]
}
These are the display and rules:
` Display definition
{
"locale": "en-US",
"card": {
"title": "Test Verified Credential",
"issuedBy": "TheIssuer",
"backgroundColor": "#000000",
"textColor": "#ffffff",
"logo": {
"uri": "https://domain.com/image.png",
"description": "Test Verified Credential"
},
"description": "Use this card to verify."
},
"consent": {
"title": "Do you want to get your Test Verified Credential?",
"instructions": "Sign in with your Verified Credential Expert Card to get your card."
},
"claims": [
{
"claim": "$.vc.country_of_registry",
"label": "Country of Registry",
"type": "String"
},
{
"claim": "$.vc.registration_number",
"label": "Registration Number",
"type": "String"
}
]
}
Rules definition
{
"attestations": {
"presentations": [
{
"mapping": [
{
"outputClaim": "firstName",
"required": true,
"inputClaim": "$.vc.credentialSubject.given_name",
"indexed": false
},
{
"outputClaim": "lastName",
"required": true,
"inputClaim": "$.vc.credentialSubject.family_name",
"indexed": false
}
],
"required": true,
"credentialType": "VerifiedCredentialExpert",
"contracts": [
"https://verifiedid.did.msidentity.com/v1.0/tenants/id/verifiableCredentials/contracts/abcd/manifest"
],
"trustedIssuers": [
"did:ion:thedid"
]
}
],
"idTokenHints": [
{
"mapping": [
{
"outputClaim": "countryOfRegistry",
"required": true,
"inputClaim": "$.country_of_registry",
"indexed": false
},
{
"outputClaim": "registrationNumber",
"required": true,
"inputClaim": "$.registration_number",
"indexed": true
}
],
"required": true
}
]
},
"validityInterval": 2592000,
"vc": {
"type": [
"VerifiedTestRegistration"
]
}
}`
I am testing on iphone12 pro latest iOS version installed.
[Question as posted in the git project](https://github.com/Azure-Samples/active-directory-verifiable-credentials-dotnet/issues/41) and [MSFT Community](https://learn.microsoft.com/en-us/answers/questions/1121432/is-attestation-verifiable-credentials-type-repo-de.html) but unfortunately got no help.
Thank you for your help, Sergio
I have tested successfully idtokenhint demo and I am trying unsucessfully attestation verifiable credentials type , similar to the Woodgrave Employee Onboarding Demo, is this code available in c#?
I can request the issuance of the VC but Authenticator doesn't request the user to Present a verifiable credential in order to issue one, thus the issuance of the VC doesn't get authorized.
Meaning in my case I need the Authenticator to request the VerifiedCredentialExpert VC first but I don't see how to trigger this on Authenticator, I tried this on issuance_request_config.json file, I also tried adding requestedCredentials to type VerifiedCredentialExpert as you see below to suggest to Authenticator to get this first, but didn't change the error behaviour: