#Credential Types Configuration

The Issuer2 Service supports multiple credential formats. This guide explains how to configure the supported credential types for your issuer service.

#Supported Formats

Format	Configuration Key	Description
SD-JWT VC	`vc+sd-jwt`	IETF SD-JWT Verifiable Credentials
W3C JWT	`jwt_vc_json`	W3C Verifiable Credentials with JWT signature
mDoc	`mso_mdoc`	ISO 18013-5 Mobile Documents

#Credential Configuration Structure

Credential types are configured in the supportedCredentialTypes object when creating or updating your issuer service.

#SD-JWT VC Configuration

{
  "identity_credential_vc+sd-jwt": {
    "format": "vc+sd-jwt",
    "vct": "https://example.com/credentials/identity_credential",
    "cryptographic_binding_methods_supported": ["jwk"],
    "credential_signing_alg_values_supported": ["ES256"],
    "sdJwtVcTypeMetadata": {
      "name": "Identity Credential",
      "description": "A verifiable identity credential",
      "vct": "https://example.com/credentials/identity_credential"
    }
  }
}

SD-JWT VC Properties:

Property	Description
`format`	Must be `vc+sd-jwt`
`vct`	Verifiable Credential Type URL
`cryptographic_binding_methods_supported`	Supported binding methods (e.g., `jwk`, `did`)
`credential_signing_alg_values_supported`	Supported signing algorithms
`sdJwtVcTypeMetadata`	Type metadata for the credential

#W3C JWT Configuration

{
  "UniversityDegree_jwt_vc_json": {
    "format": "jwt_vc_json",
    "cryptographic_binding_methods_supported": ["did"],
    "credential_signing_alg_values_supported": ["ES256", "EdDSA"],
    "credential_definition": {
      "type": ["VerifiableCredential", "UniversityDegree"]
    }
  }
}

W3C JWT Properties:

Property	Description
`format`	Must be `jwt_vc_json`
`cryptographic_binding_methods_supported`	Supported binding methods
`credential_signing_alg_values_supported`	Supported signing algorithms
`credential_definition.type`	Array of credential types

#mDoc Configuration

{
  "org.iso.18013.5.1.mDL": {
    "format": "mso_mdoc",
    "doctype": "org.iso.18013.5.1.mDL",
    "cryptographic_binding_methods_supported": ["cose_key"],
    "credential_signing_alg_values_supported": ["ES256"]
  }
}

mDoc Properties:

Property	Description
`format`	Must be `mso_mdoc`
`doctype`	The mDoc document type
`cryptographic_binding_methods_supported`	Must include `cose_key`
`credential_signing_alg_values_supported`	Supported signing algorithms

#Credential Configuration ID

The key used for each credential type in supportedCredentialTypes becomes the credentialConfigurationId. This ID is used when:

Creating credential profiles
Referencing credentials in the OpenID4VCI metadata
Requesting specific credential types

Naming Convention:

{credentialType}_{format}

Examples:

UniversityDegree_jwt_vc_json
identity_credential_vc+sd-jwt
org.iso.18013.5.1.mDL

#Complete Example

Here's a complete example of an issuer service configuration with multiple credential types:

{
  "type": "issuer2",
  "baseUrl": "https://myorg.enterprise-sandbox.waltid.dev",
  "kms": "waltid.tenant1.kms1",
  "tokenKeyId": "waltid.tenant1.kms1.tokenKey",
  "supportedCredentialTypes": {
    "identity_credential_vc+sd-jwt": {
      "format": "vc+sd-jwt",
      "vct": "https://myorg.example.com/credentials/identity",
      "cryptographic_binding_methods_supported": ["jwk"],
      "credential_signing_alg_values_supported": ["ES256"],
      "sdJwtVcTypeMetadata": {
        "name": "Identity Credential",
        "description": "Verifiable identity credential",
        "vct": "https://myorg.example.com/credentials/identity"
      }
    },
    "UniversityDegree_jwt_vc_json": {
      "format": "jwt_vc_json",
      "cryptographic_binding_methods_supported": ["did"],
      "credential_signing_alg_values_supported": ["ES256", "EdDSA"],
      "credential_definition": {
        "type": ["VerifiableCredential", "UniversityDegree"]
      }
    },
    "org.iso.18013.5.1.mDL": {
      "format": "mso_mdoc",
      "doctype": "org.iso.18013.5.1.mDL",
      "cryptographic_binding_methods_supported": ["cose_key"],
      "credential_signing_alg_values_supported": ["ES256"]
    }
  },
  "displayConfigurations": [
    {
      "name": "My Organization",
      "locale": "en-US"
    }
  ]
}

#Signing Algorithms

The following signing algorithms are supported:

Algorithm	Key Type	Description
`ES256`	P-256 (secp256r1)	ECDSA with SHA-256
`ES384`	P-384	ECDSA with SHA-384
`ES512`	P-521	ECDSA with SHA-512
`EdDSA`	Ed25519	Edwards-curve Digital Signature Algorithm
`RS256`	RSA	RSASSA-PKCS1-v1_5 with SHA-256
`PS256`	RSA	RSASSA-PSS with SHA-256

#Binding Methods

Method	Description	Use Case
`did`	DID-based binding	W3C credentials with DID subjects
`jwk`	JWK-based binding	SD-JWT VC with key binding
`cose_key`	COSE key binding	mDoc credentials

#Next Steps

Create a Profile – Create profiles for your credential types
Display Configuration – Configure issuer branding

Last updated on April 8, 2026

Display Configuration Status List Aggregation