TODO: write a real abstract

This document represents a concise but limited collection of use cases readers should review alongside the VC API Specification.

Comments regarding this document are welcome. Please file directly on GitHub, or send them to public-vc-comments@w3.org (subscribe, archives).

Introduction

For Verifiable Credentials to be realized as a usable data format there needs to exist a neutral, standard-governed way for Issuers, Holders and Verifiers of these credentials to transport them between said entities. TODO: Finish introduction

Existing Work

TODO: fill in

Use Cases

Get Digital Permanent Resident Card

Lana is an IT administrator for the United States Citizenship and Immigration Services (USCIS) Digital Permanent Resident Card (PRC) program. She configures the USCIS website to issue digital Permanent Resident Cards by utilizing industry standard issuer software and setting up the appropriate HTTP API Authorizations between systems. Legal Permanent Residents, upon receiving their physical card in the mail, are given the USCIS website URL, a login account, and PIN code that they may use to manage their account and pick up their digital Permanent Resident Card. When Louis, a Legal Permanent Resident, requests a digital Permanent Resident Card via the USCIS website, he authenticates using his login account and once authenticated, provides a DID associated with his client-side digital wallet against which the website will issue VCs. The USCIS website then connects to the digital card issuing server, which builds the Verifiable Credential Permanent Resident Card using Louis' account data, and then utilizes industry standard HTTP APIs to issue the Permanent Resident Card as a Verifiable Credential. Louis can then use his Digital Permanent Resident Card in online scenarios when he needs to prove his resident status, such as when applying for a job.

Requirements:

Endpoints:

Contributed by: Digital Bazaar

Refresh Expired Over Age Token

Lana is an IT administrator for the United States Citizenship and Immigration Services (USCIS) Digital Permanent Resident Card (PRC) program. She configures the USCIS website to issue digital Permanent Resident Cards by utilizing industry standard issuer software and setting up the appropriate HTTP API Authorizations between systems. Legal Permanent Residents, upon receiving their physical card in the mail, are given the USCIS website URL, a login account, and PIN code that they may use to manage their account and pick up their digital Permanent Resident Card. When Louis, a Legal Permanent Resident, requests a digital Permanent Resident Card via the USCIS website, he authenticates using his login account and once authenticated, provides a DID associated with his client-side digital wallet against which the website will issue VCs. The USCIS website then connects to the digital card issuing server, which builds the Verifiable Credential Permanent Resident Card using Louis' account data, and then utilizes industry standard HTTP APIs to issue the Permanent Resident Card as a Verifiable Credential. Louis can then use his Digital Permanent Resident Card in online scenarios when he needs to prove his resident status, such as when applying for a job.

Requirements:

Endpoints:

  • /presentations/Available,
  • /presentations/issue,
  • /presentations/submissions,
  • [/presentations/verify, /credentials/verify,]
  • /credentials/issue,
  • /credentials/refresh/? (is the parent credential/receipt/authorization to have tokens getting refreshed?)
  • Contributed by: Digital Bazaar

    Execute Multi-stage Presentation Workflow

    Description: Ignio, a logistics manager for "Kirk Company", would like to submit all necessary paperwork to send his company's products across international boundaries. These products are considered hazardous chemicals and thus are regulated, requiring extra paperwork to be filed before transportation is approved across boundaries. Some hazardous material shipments are different resulting in different required paperwork, and Ignio wants to automate as much of the process as possible with Shippers, their 3rd Party Logistics company (3PL). There are a set of verifiable credentials that Ignio is willing to share with Customs as well as the transportation company.

    When Kirk starts a shipping workflow, his company's systems initiate the workflow by contacting a known location on the Shipper's Website. A presentation exchange occurs to first DIDAuth the company and send generic mandatory information for any shipment; if and only if the information provided requires additional information‒in this case a hazmat certification‒a second exchange is initiated to request this outstanding/required hazmat info. Once this is received, Shippers can send back a Bill of Lading in VC form. The two (or more) credential exchanges are composable and idempotent, ending in a valid BoL if successful.

    Requirements:

    Endpoints:

    Contributed by: Digital Bazaar

    Aggregated Credential Workflow

    Tod is using digital credentials to apply for a service/qualify for a job/gain access to a programme. Some of his credentials are available today, some will need to be provided when they are ready (for example, a criminal background check can take 24-48 hrs to process). He would like these credentials to be presented to the Verifier (service provider) when ready, without having to constantly return to the Verifier (service provider) and deliver them "by hand". He should be able to have them released from his Holder directly as they become available.

    Requirements:

    Endpoints:

  • /presentations/Available,
  • /presentations/issue,
  • /presentations/submissions,
  • [/presentations/verify, /credentials/verify,]
  • /credentials/issue,
  • /presentations/stateful/ - doesn't exist but maybe worth discussing?
  • Contributed by:SecureKey Technologies Inc.

    Submit/Sign/Verify a test credential to a licensure system

    A student, Shabazz, wants to publish their MBLEx test results from an education test provider, Massage Therapy Test Corp. Massage Therapy Test Corp proxies their authority to sign to a service provider, SSI Ventures. SSI Ventures issues Shabazz a VC when he logs into his Massage Therapy Test Corp account and enables his browser-based SSI Wallet, Billfold. The signed VC is then stored in Shabazz’ Billfold™ Wallet to be presented elsewhere.

    In a separate session, Shabazz logs into a web portal of a State Massage Therapy licensure system to apply for his Massage Therapy license. The licensure specialist at the State checks the issuer using a State accreditation system, then checks the signature on the test results VC and ingests the credential’s payload. The licensure specialist then finalizes their workflow and issues Shabazz a Massage Therapy license.

    Requirements:

  • 1. VC Issuance
  • 2. VC Presentation
  • 3. Issuer Lookup (is that business logic?),
  • 4. VP Verification
  • 5. VC Verification
  • X. Website as Consumer.
  • X. Issuance-as-a-Service,
  • Endpoints:

  • /credentials/issue,
  • /issuer/lookup (out of scope; in-scope for the UVI, tho!),
  • /presentations/verify,
  • /credentials/verify,
  • Contributed by:RANDA Solutions

    Supply Chain Import

    In order to export steel products to the global market, Steel Mills Global must prove the quality of their products. For this, they rely on Inspectors & Co, an internationally recognized steel testing company. Upon inspection, Inspectors & Co issues a Mill Test Report VC to Steel Mills Global.

    Steel, Inc. imports and distributes steel products domestically. Negotiating a shipment Steel Mills Global presents the MTR as proof of product quality. Steel Inc. verifies the MTR VP and accepts the shipment.

    Steel, Inc. initiates the importing procedures, starting out self-issuing an Import Declaration Form VC. The MTR and IDF are jointly presented to the Customs authority which verifies the VP. Upon verification the customs release is granted for goods import.

    Note: These VC types are taken from the Traceability Vocabulary, a W3C-CCG work item for supply chain use-cases.

    Requirements:

    Endpoints:

  • (VERIFIER-APP?) /presentations/available,
  • /presentations/issue,
  • /presentations/submissions,
  • [/presentations/verify, /credentials/verify,]
  • /credentials/issue
  • Contributed by:Transmute Industries

    Requirements

    Features and Benefits

    VC API Actions

    Issuer to Holder

    Present for Verification

    Refresh

    Focal Use Cases

    Terminology

    This section is non-normative.

    Acknowledgements

    The editors are thankful to the contributions from the VC API Working Group