#Credential Lifecycle

The Community Stack Verifier API validates credential lifecycle states—whether a credential is active, revoked, suspended, or expired—using globally adopted status mechanisms and validity timestamps.

#What's included

The Verifier capability supports lifecycle checks through dedicated verification policies:

#Status list verification

Check whether a credential has been revoked or suspended by fetching and validating its entry in the issuer's status list.

This means:

• Verifiers automatically fetch status credentials from issuer-hosted locations (web servers, S3, Azure Blob, etc.)
• Supports industry-standard formats: Bitstring Status List v1.0, TokenStatusList, StatusList2021, RevocationList2020
• Works across credential types: W3C VC, SD-JWT VC, ISO mdoc
• Verifiers can check revocation, suspension, or custom status purposes

#Validity window verification

Verify that credentials are being used within their intended validity period by checking validFrom (or notBefore) and validUntil (or expiresAt) timestamps.

This means:

• Prevents use of credentials before their activation date
• Rejects expired credentials automatically
• No external status list required—validity timestamps are embedded in the credential itself
• Verifiers can enforce strict temporal policies per use case

#FAQs

• Which status list formats are supported? — The Verifier supports W3C Bitstring Status List v1.0, TokenStatusList (IETF), StatusList2021, and RevocationList2020, covering all major standards.
• Can I verify credentials offline? — Validity timestamps can be verified offline, but status list checks require network access to fetch the current status credential. For offline scenarios, verifiers need a cached copy of the status list.

#Get Started

• Credential status verification policy – Learn how to verify credential status using status list policies.
• Expiration & validity verification policies – Learn about built-in policies for expiration and validity checks.