#Data Functions

The Issuer2 API offers the use of data functions when issuing credentials. These functions ensure that credentials always contain the most current and accurate information.

Data functions are supported across all credential types: W3C JWT VC, IETF SD-JWT VC, and ISO mDoc.

#How Data Functions Work

Data functions are not executed at the moment you create a credential offer. Instead, they get executed at the point when the credential is actually claimed by the recipient. This means that the data within the credential stays up-to-date, regardless of whether the recipient claims it immediately or after a considerable period.

#The Importance of Timing

This delayed execution is crucial because it guarantees the information's relevance and accuracy. For example, a credential might be issued today but claimed a month later. The data functions ensure that the credential reflects any changes that occurred during that interval, maintaining the credibility of the credential.

#How to Use Data Functions

When configuring a credential profile or creating an offer, you can provide a mapping object that defines which keys in the credential data structure should be replaced by the value returned from the provided data function.

#Example

Credential Data Template

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://www.w3.org/2018/credentials/examples/v1"
  ],
  "id": "",
  "type": ["VerifiableCredential", "UniversityDegreeCredential"],
  "issuer": {
    "id": ""
  },
  "credentialSubject": {
    "degree": ""
  }
}

Mapping Object with Data Functions

{
  "id": "<uuid>",
  "issuer": {
    "id": "<issuerDid>"
  },
  "credentialSubject": {
    "id": "<subjectDid>",
    "degree": "<webhook-json:https://example.com/api/degreeData>"
  },
  "issuanceDate": "<timestamp>",
  "expirationDate": "<timestamp-in:365d>"
}

Issued Credential

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://www.w3.org/2018/credentials/examples/v1"
  ],
  "id": "urn:uuid:3732a5b8-...",
  "type": ["VerifiableCredential", "UniversityDegreeCredential"],
  "issuer": {
    "id": "did:key:z6Mk..."
  },
  "credentialSubject": {
    "id": "did:key:z6Mk...",
    "degree": {
      "type": "BachelorDegree",
      "name": "Bachelor of Science and Arts"
    }
  },
  "issuanceDate": "2024-01-15T10:30:00Z",
  "expirationDate": "2025-01-15T10:30:00Z"
}

#Available Functions

#UUID

<uuid> generates a unique identifier.

{
  "id": "<uuid>"
}

Result: "urn:uuid:3732a5b8-1234-5678-9abc-def012345678"

#Subject DID

<subjectDid> returns the recipient's DID once the credential is claimed.

{
  "credentialSubject": {
    "id": "<subjectDid>"
  }
}

#Issuer DID

<issuerDid> returns the issuer's DID.

{
  "issuer": {
    "id": "<issuerDid>"
  }
}

#Timestamp

<timestamp> returns the current timestamp in ISO 8601 format YYYY-MM-DDThh:mm:ss.sssZ.

{
  "issuanceDate": "<timestamp>"
}

Result: "2024-01-15T10:30:00.000Z"

#Timestamp Seconds

<timestamp-seconds> returns the Unix timestamp (seconds since epoch).

{
  "iat": "<timestamp-seconds>"
}

Result: 1705315800

#Timestamp In

<timestamp-in:duration> returns a future date by providing the duration as an argument.

{
  "expirationDate": "<timestamp-in:365d>"
}

Supported duration formats:

30d - 30 days
12h - 12 hours
30m - 30 minutes
1y - 1 year

Result: "2025-01-15T10:30:00.000Z"

#Timestamp In Seconds

<timestamp-in-seconds:duration> returns a future Unix timestamp.

{
  "exp": "<timestamp-in-seconds:365d>"
}

Result: 1736851800

#Timestamp Before

<timestamp-before:duration> returns a date in the past.

{
  "validFrom": "<timestamp-before:30d>"
}

Result: "2023-12-16T10:30:00.000Z"

#Timestamp Before Seconds

<timestamp-before-seconds:duration> returns a past Unix timestamp.

{
  "nbf": "<timestamp-before-seconds:1h>"
}

#Display

<display> returns the display metadata of the credential as defined in the issuer metadata.

{
  "display": "<display>"
}

Result:

{
  "name": "University Credential",
  "locale": "en-US",
  "logo": {
    "url": "https://university.example.edu/logo.png",
    "alt_text": "University Logo"
  },
  "background_color": "#12107c",
  "text_color": "#FFFFFF"
}

#Webhook

<webhook:url> makes a request to a specific URL and inserts the response as plain text.

{
  "credentialSubject": {
    "studentId": "<webhook:https://example.com/api/studentId>"
  }
}

If the webhook returns "STU-12345", the result is:

{
  "credentialSubject": {
    "studentId": "STU-12345"
  }
}

#Webhook JSON

<webhook-json:url> makes a request to a specific URL and inserts the response as a nested JSON object.

{
  "credentialSubject": {
    "degree": "<webhook-json:https://example.com/api/degreeData>"
  }
}

If the webhook returns:

{
  "type": "BachelorDegree",
  "name": "Bachelor of Science"
}

The result is:

{
  "credentialSubject": {
    "degree": {
      "type": "BachelorDegree",
      "name": "Bachelor of Science"
    }
  }
}

#EBSI-Specific Functions

The EBSI trust framework mandates a specific timestamp format for issued credentials. Use these functions for EBSI-compliant credentials:

#EBSI Timestamp

<ebsi-timestamp> returns the current timestamp in EBSI format YYYY-MM-DDThh:mm:ssZ.

{
  "issuanceDate": "<ebsi-timestamp>"
}

Result: "2024-01-15T10:30:00Z"

#EBSI Timestamp In

<ebsi-timestamp-in:duration> returns a future date in EBSI format.

{
  "expirationDate": "<ebsi-timestamp-in:365d>"
}

Result: "2025-01-15T10:30:00Z"

#Using Data Functions in Profiles

Configure data functions in your credential profile:

# issuer2-profiles.conf

profiles = {
  "university-degree" = {
    name = "University Degree"
    credentialConfigurationId = "UniversityDegree_jwt_vc_json"
    issuerKey = { ... }
    issuerDid = "did:key:z6Mk..."
    credentialData = {
      "@context" = [
        "https://www.w3.org/2018/credentials/v1"
      ]
      type = ["VerifiableCredential", "UniversityDegree"]
      credentialSubject = {
        degree = {
          type = "BachelorDegree"
          name = ""
        }
      }
    }
    mapping = {
      id = "<uuid>"
      "issuer.id" = "<issuerDid>"
      "credentialSubject.id" = "<subjectDid>"
      "credentialSubject.degree.name" = "<webhook:https://example.com/api/degreeName>"
      issuanceDate = "<timestamp>"
      expirationDate = "<timestamp-in:365d>"
    }
  }
}

#Using Data Functions in Runtime Overrides

Override data functions when creating an offer:

curl -X POST 'http://localhost:7002/issuer2/credential-offers' \
  -H 'Content-Type: application/json' \
  -d '{
    "profileId": "university-degree",
    "authMethod": "PRE_AUTHORIZED",
    "runtimeOverrides": {
      "mapping": {
        "credentialSubject.degree.name": "<webhook:https://different-api.com/degreeName>"
      }
    }
  }'

#Next Steps

Credential Profiles – Configure profiles with data functions
Create an Offer – Create offers with runtime overrides

Last updated on June 15, 2026

Setup Notifications