Protocol Documentation
This page documents the Protobuf Services and Messages which compose the Trinsic API.
Top
services/account/v1/account.proto
AccountDetails
Account registration details
Field |
Type |
Description |
name |
string |
Account name |
email |
string |
Deprecated. Email address of account. |
sms |
string |
Deprecated. SMS number including country code |
AccountProfile
Device profile containing sensitive authentication data.
This information should be stored securely
Field |
Type |
Description |
profile_type |
string |
The type of profile, used to differentiate between protocol schemes or versions |
auth_data |
bytes |
Auth data containg information about the current device access |
auth_token |
bytes |
Secure token issued by server used to generate zero-knowledge proofs |
protection |
TokenProtection |
Token security information about the token. If token protection is enabled, implementations must supply protection secret before using the token for authentication. |
TokenProtection
Token protection info
Field |
Type |
Description |
enabled |
bool |
Indicates if token is protected using a PIN, security code, HSM secret, etc. |
method |
ConfirmationMethod |
The method used to protect the token |
WalletAuthToken
Information about authentication tokens for a wallet
Field |
Type |
Description |
id |
string |
Unique identifier for the token. This field will match the DeviceId in the WalletAuthData |
description |
string |
Device name/description |
date_created |
string |
Date when the token was created in ISO 8601 format |
ConfirmationMethod
Confirmation method type for two-factor workflows
Name |
Number |
Description |
None |
0 |
No confirmation required |
Email |
1 |
Email confirmation required |
Sms |
2 |
SMS confirmation required |
ConnectedDevice |
3 |
Confirmation from a connected device is required |
Other |
10 |
Third-party method of confirmation is required |
Top
services/trust-registry/v1/trust-registry.proto
Service - TrustRegistry
AuthorizedMember
AuthorizedMemberSchema
GetMemberAuthorizationStatusRequest
Request to fetch member status in Trust Registry for a specific credential schema.
Field |
Type |
Description |
did_uri |
string |
DID URI of member |
schema_uri |
string |
URI of credential schema associated with member |
GetMemberAuthorizationStatusResponse
Response to GetMemberAuthorizationStatusRequest
Field |
Type |
Description |
status |
RegistrationStatus |
Status of member for given credential schema |
GetMemberRequest
Request to get a member of the Trust Registry
Field |
Type |
Description |
did_uri |
string |
DID URI of member to get |
wallet_id |
string |
Trinsic Wallet ID of member to get |
email |
string |
Email address of member to get. Must be associated with an existing Trinsic account. |
GetMemberResponse
Response to GetMemberAuthorizationStatusRequest
Field |
Type |
Description |
authorized_member |
AuthorizedMember |
Member for given did in given framework |
ListAuthorizedMembersRequest
Field |
Type |
Description |
schema_uri |
string |
id of schema that needs to be checked |
continuation_token |
string |
Token to fetch next set of results, from previous ListAuthorizedMembersResponse |
ListAuthorizedMembersResponse
Response to ListAuthorizedMembersRequest
Field |
Type |
Description |
authorized_members |
AuthorizedMember[] |
JSON string containing array of resultant objects |
has_more_results |
bool |
Whether more data is available to fetch for query |
continuation_token |
string |
Token to fetch next set of results via ListAuthorizedMembersRequest |
RegisterMemberRequest
Request to register a member as a valid issuer of a specific credential schema.
Only one of did_uri
, wallet_id
, or email
may be specified.
Field |
Type |
Description |
did_uri |
string |
DID URI of member to register |
wallet_id |
string |
Trinsic Wallet ID of member to register |
email |
string |
Email address of member to register. Must be associated with an existing Trinsic account. |
schema_uri |
string |
URI of credential schema to register member as authorized issuer of |
valid_from_utc |
uint64 |
Unix Timestamp member is valid from. Member will not be considered valid before this timestamp. |
valid_until_utc |
uint64 |
Unix Timestamp member is valid until. Member will not be considered valid after this timestamp. |
RegisterMemberResponse
Response to RegisterMemberRequest
UnregisterMemberRequest
Request to unregister a member as a valid issuer of a specific credential schema.
Only one of did_uri
, wallet_id
, or email
may be specified.
The URI of the credential schema must be specified.
Field |
Type |
Description |
did_uri |
string |
DID URI of member to unregister |
wallet_id |
string |
Trinsic Wallet ID of member to unregister |
email |
string |
Email address of member to unregister. Must be associated with an existing Trinsic account. |
schema_uri |
string |
URI of credential schema to unregister member as authorized issuer of |
UnregisterMemberResponse
Response to UnregisterMemberRequest
RegistrationStatus
Name |
Number |
Description |
CURRENT |
0 |
Member is currently authorized, as of the time of the query |
EXPIRED |
1 |
Member's authorization has expired |
TERMINATED |
2 |
Member has voluntarily ceased Issuer role under the specific EGF |
REVOKED |
3 |
Member authority under specific EGF was terminated by the governing authority |
NOT_FOUND |
10 |
Member is not associated with given credential schema in the EGF |
Top
services/provider/v1/access-management.proto
Service - AccessManagement
Access Management service provides methods to manage access to ecosystem resources
such by assigning roles and permissions to wallet accounts
AddRoleAssignmentRequest
Role management
Field |
Type |
Description |
role |
string |
Role to assign |
email |
string |
Email address of account to assign role. Mutually exclusive with walletId and didUri . |
wallet_id |
string |
Wallet ID of account to assign role to. Mutually exclusive with email and didUri . |
did_uri |
string |
DID URI of the account to assign role. Mutually exclusive with email and walletId . |
AddRoleAssignmentResponse
ListAvailableRolesRequest
Request to fetch the available roles in the current ecosystem
ListAvailableRolesResponse
Field |
Type |
Description |
roles |
string[] |
List of roles |
ListRoleAssignmentsRequest
Request to fetch the list of roles assigned to the current account
Field |
Type |
Description |
email |
string |
Email address of account to list roles. Mutually exclusive with walletId and didUri . |
wallet_id |
string |
Wallet ID of account to list roles. Mutually exclusive with email and didUri . |
did_uri |
string |
DID URI of the account to list roles. Mutually exclusive with email and walletId . |
ListRoleAssignmentsResponse
Field |
Type |
Description |
roles |
string[] |
List of roles |
RemoveRoleAssignmentRequest
Field |
Type |
Description |
role |
string |
Role to unassign |
email |
string |
Email address of account to unassign role. Mutually exclusive with walletId and didUri . |
wallet_id |
string |
Wallet ID of account to unassign role. Mutually exclusive with email and didUri . |
did_uri |
string |
DID URI of the account to unassign role. Mutually exclusive with email and walletId . |
RemoveRoleAssignmentResponse
Top
services/provider/v1/provider.proto
Service - Provider
CreateEcosystemRequest
Request to create an ecosystem
Field |
Type |
Description |
name |
string |
Globally unique name for the Ecosystem. This name will be part of the ecosystem-specific URLs and namespaces. Allowed characters are lowercase letters, numbers, underscore and hyphen. If not passed, ecosystem name will be auto-generated. |
description |
string |
Ecosystem description |
details |
services.account.v1.AccountDetails |
The account details of the owner of the ecosystem |
domain |
string |
New domain URL |
CreateEcosystemResponse
Response to CreateEcosystemRequest
Ecosystem
Details of an ecosystem
Field |
Type |
Description |
id |
string |
URN of the ecosystem |
name |
string |
Globally unique name for the ecosystem |
description |
string |
Ecosystem description |
EcosystemInfoRequest
Request to fetch information about an ecosystem
EcosystemInfoResponse
Response to InfoRequest
Field |
Type |
Description |
ecosystem |
Ecosystem |
Ecosystem corresponding to current ecosystem in the account token |
GetOberonKeyRequest
Request to fetch the Trinsic public key used
to verify authentication token validity
GetOberonKeyResponse
Response to GetOberonKeyRequest
Field |
Type |
Description |
key |
string |
Oberon Public Key as RAW base64-url encoded string |
IndyOptions
Options for creation of DID on the SOV network
IonOptions
Options for creation of DID on the ION network
SearchWalletConfigurationResponse
Field |
Type |
Description |
results |
WalletConfiguration[] |
Results matching the search query |
has_more_results |
bool |
Whether more results are available for this query via continuation_token |
continuation_token |
string |
Token to fetch next set of results via SearchRequest |
SearchWalletConfigurationsRequest
Search for issuers/holders/verifiers
Field |
Type |
Description |
query_filter |
string |
SQL filter to execute. SELECT * FROM c WHERE [**queryFilter**] |
continuation_token |
string |
Token provided by previous SearchResponse if more data is available for query |
UpgradeDidRequest
Request to upgrade a wallet
Field |
Type |
Description |
email |
string |
Email address of account to upgrade. Mutually exclusive with walletId and didUri . |
wallet_id |
string |
Wallet ID of account to upgrade. Mutually exclusive with email and didUri . |
did_uri |
string |
DID URI of the account to upgrade. Mutually exclusive with email and walletId . |
method |
services.common.v1.SupportedDidMethod |
DID Method to which wallet should be upgraded |
ion_options |
IonOptions |
Configuration for creation of DID on ION network |
indy_options |
IndyOptions |
Configuration for creation of DID on INDY network |
UpgradeDidResponse
Response to UpgradeDIDRequest
Field |
Type |
Description |
did |
string |
New DID of wallet |
WalletConfiguration
Strongly typed information about wallet configurations
Field |
Type |
Description |
name |
string |
Name/description of the wallet |
email |
string |
Deprecated. Deprecated and will be removed on August 1, 2023 -- use external_identities. This field is set to the first email address present in external_identities , if any. |
sms |
string |
Deprecated. Deprecated -- use external_identities |
wallet_id |
string |
|
public_did |
string |
The DID of the wallet |
config_type |
string |
|
auth_tokens |
services.account.v1.WalletAuthToken[] |
List of active authentication tokens for this wallet. This list does not contain the issued token, only metadata such as ID, description, and creation date. |
external_identity_ids |
string[] |
Deprecated. List of external identity IDs (email addresses, phone numbers, etc.) associated with this wallet. This is deprecated; use external_identities instead. |
ecosystem_id |
string |
Ecosystem in which this wallet is contained. |
description |
string |
|
external_identities |
WalletExternalIdentity[] |
List of external identities associated with this wallet. |
WalletExternalIdentity
An external identity (email address, phone number, etc.) associated with a wallet for authentication purposes.
Field |
Type |
Description |
provider |
IdentityProvider |
The type of this identity (whether this identity is an email address, phone number, etc.) |
id |
string |
The actual email address/phone number/etc. for this identity |
IdentityProvider
Name |
Number |
Description |
Unknown |
0 |
Identity provider is unknown |
Email |
1 |
Identity provider is email |
Phone |
2 |
Identity provider is phone |
Passkey |
3 |
Identity provider is passkey (WebAuthn) -- for Trinsic internal use only |
IndyOptions.IndyNetwork
Name |
Number |
Description |
Danube |
0 |
|
SovrinBuilder |
1 |
|
SovrinStaging |
2 |
|
Sovrin |
3 |
|
IdUnionTest |
4 |
|
IdUnion |
5 |
|
IndicioTest |
6 |
|
IndicioDemo |
7 |
|
Indicio |
8 |
|
IonOptions.IonNetwork
Name |
Number |
Description |
TestNet |
0 |
|
MainNet |
1 |
|
Top
services/verifiable-credentials/templates/v1/templates.proto
Service - CredentialTemplates
AppleWalletOptions
Configuration options for Apple Wallet when
Field |
Type |
Description |
background_color |
string |
Background color, in hex format, of credential when stored in an Apple Wallet. |
foreground_color |
string |
Foreground color, in hex format, of credential when stored in an Apple Wallet. |
label_color |
string |
Label color, in hex format, of credential when stored in an Apple Wallet. |
primary_field |
string |
The ID of the template field which should be used as the primary field of a credential. |
secondary_fields |
string[] |
The secondary fields of the credential. This is a mapping between the order of a secondary field (0 or 1) and the field name. |
auxiliary_fields |
string[] |
The auxiliary fields of the credential. This is a mapping between the order of an auxiliary field (0 or 1) and the field name. |
CreateCredentialTemplateRequest
Request to create a new template
Field |
Type |
Description |
name |
string |
Name of new template. Must be a unique identifier within its ecosystem. |
fields |
CreateCredentialTemplateRequest.FieldsEntry[] |
Fields which compose the template |
allow_additional_fields |
bool |
Whether credentials may be issued against this template which have fields not specified in fields |
title |
string |
Human-readable name of template |
description |
string |
Human-readable description of template |
field_ordering |
CreateCredentialTemplateRequest.FieldOrderingEntry[] |
Optional map describing how to order and categorize the fields within the template. The key of this map is the field name . If not provided, this will be auto-generated. |
apple_wallet_options |
AppleWalletOptions |
Options for rendering the template in Apple Wallet |
CreateCredentialTemplateRequest.FieldOrderingEntry
CreateCredentialTemplateRequest.FieldsEntry
CreateCredentialTemplateResponse
Response to CreateCredentialTemplateRequest
CreateVerificationTemplateRequest
TODO - Add support for predicate types - currently only equality. |
| credential_template_id | string | Source credential template, used for verifying that the specified fields
are present in the credential template |
| title | string | Human-readable name of template |
| description | string | Human-readable description of template |
CreateVerificationTemplateRequest.FieldsEntry
CreateVerificationTemplateResponse
DeleteCredentialTemplateRequest
Request to delete a template by ID
Field |
Type |
Description |
id |
string |
ID of template to delete |
DeleteCredentialTemplateResponse
Response to DeleteCredentialTemplateRequest
DeleteVerificationTemplateRequest
Field |
Type |
Description |
verification_template_id |
string |
|
DeleteVerificationTemplateResponse
This space intentionally left blank
FieldOrdering
Ordering information for a template field
Field |
Type |
Description |
order |
int32 |
The order of the field; must be unique within the Template. Fields are sorted by order ascending when displaying a credential. Field orders must be contiguous from 0 to the number of fields minus 1. |
section |
string |
The human-readable name of the section this field appears in; used to group together fields when displaying a credential. Sections must be contiguous with respect to order . |
GetCredentialTemplateRequest
Request to fetch a template by ID
Field |
Type |
Description |
id |
string |
ID of template to fetch |
GetCredentialTemplateResponse
Response to GetCredentialTemplateRequest
Field |
Type |
Description |
template |
TemplateData |
Template fetched by ID |
GetVerificationTemplateRequest
Request to fetch a template by ID
Field |
Type |
Description |
id |
string |
ID of template to fetch |
GetVerificationTemplateResponse
Response to GetCredentialTemplateRequest
ListCredentialTemplatesRequest
Request to list templates using a SQL query
Field |
Type |
Description |
query |
string |
SQL query to execute. Example: SELECT * FROM c WHERE c.name = 'Diploma' |
continuation_token |
string |
Token provided by previous ListCredentialTemplatesResponse if more data is available for query |
ListCredentialTemplatesResponse
Response to ListCredentialTemplatesRequest
Field |
Type |
Description |
templates |
TemplateData[] |
Templates found by query |
has_more_results |
bool |
Whether more results are available for this query via continuation_token |
continuation_token |
string |
Token to fetch next set of results via ListCredentialTemplatesRequest |
ListVerificationTemplatesRequest
Request to list templates using a SQL query
Field |
Type |
Description |
query |
string |
SQL query to execute. Example: SELECT * FROM c WHERE c.name = 'Diploma' |
continuation_token |
string |
Token provided by previous ListCredentialTemplatesResponse if more data is available for query |
ListVerificationTemplatesResponse
Field |
Type |
Description |
templates |
VerificationTemplateData[] |
Templates found by query |
has_more_results |
bool |
Whether more results are available for this query via continuation_token |
continuation_token |
string |
Token to fetch next set of results via ListVerificationTemplatesRequest |
SearchCredentialTemplatesRequest
Request to search templates using a SQL query
Field |
Type |
Description |
query |
string |
SQL query to execute. Example: SELECT * FROM c WHERE c.name = 'Diploma' |
continuation_token |
string |
Token provided by previous SearchCredentialTemplatesResponse if more data is available for query |
SearchCredentialTemplatesResponse
Response to SearchCredentialTemplatesRequest
Field |
Type |
Description |
items_json |
string |
Raw JSON data returned from query |
has_more_results |
bool |
Whether more results are available for this query via continuation_token |
continuation_token |
string |
Token to fetch next set of results via SearchCredentialTemplatesRequest |
TemplateData
Credential Template
Field |
Type |
Description |
id |
string |
Template ID |
name |
string |
Template name |
version |
int32 |
Template version number |
fields |
TemplateData.FieldsEntry[] |
Fields defined for the template |
allow_additional_fields |
bool |
Whether credentials issued against this template may contain fields not defined by template |
schema_uri |
string |
URI pointing to template JSON schema document |
ecosystem_id |
string |
ID of ecosystem in which template resides |
type |
string |
Template type (VerifiableCredential ) |
created_by |
string |
ID of template creator |
date_created |
string |
Date when template was created as ISO 8601 utc string |
title |
string |
Human-readable template title |
description |
string |
Human-readable template description |
field_ordering |
TemplateData.FieldOrderingEntry[] |
Map describing how to order and categorize the fields within the template. The key of this map is the field name . |
apple_wallet_options |
AppleWalletOptions |
Options for rendering the template in Apple Wallet |
TemplateData.FieldOrderingEntry
TemplateData.FieldsEntry
TemplateField
A field defined in a template
Field |
Type |
Description |
title |
string |
Human-readable name of the field |
description |
string |
Human-readable description of the field |
optional |
bool |
Whether this field may be omitted when a credential is issued against the template |
type |
FieldType |
The type of the field |
uri_data |
UriFieldData |
How to deal with this URI field when rendering credential. Only use if type is URI . |
TemplateFieldPatch
A patch to apply to an existing template field
Field |
Type |
Description |
title |
string |
Human-readable name of the field |
description |
string |
Human-readable description of the field |
uri_data |
UriFieldData |
How to deal with this URI field when rendering credential. Only use if type is URI . |
UpdateCredentialTemplateRequest
Request to update display information for a template
UpdateCredentialTemplateRequest.FieldOrderingEntry
UpdateCredentialTemplateRequest.FieldsEntry
UpdateCredentialTemplateResponse
Response to UpdateCredentialTemplateRequest
Field |
Type |
Description |
updated_template |
TemplateData |
The Template after the update has been applied |
UpdateVerificationTemplateRequest
UpdateVerificationTemplateRequest.FieldsEntry
UpdateVerificationTemplateResponse
UriFieldData
Data pertaining to a URI Field
Field |
Type |
Description |
mime_type |
string |
Expected MIME Type of content pointed to by URI. Can be generic (eg, "image/") or specific ("image/png"). Defaults to "application/octet-stream". |
render_method |
UriRenderMethod |
How to display the URI value when rendering a credential. |
VerificationTemplateData
Verification Template
Field |
Type |
Description |
id |
string |
Template ID |
name |
string |
Template name |
version |
int32 |
Template version number |
fields |
VerificationTemplateData.FieldsEntry[] |
Fields defined for the template |
credential_template_id |
string |
Source credential template, used for verifying that the specified fields are present in the credential template |
ecosystem_id |
string |
ID of ecosystem in which template resides |
type |
string |
Template type (VerificationTemplate ) |
created_by |
string |
ID of template creator |
date_created |
string |
Date when template was created as ISO 8601 utc string |
title |
string |
Human-readable template title |
description |
string |
Human-readable template description |
VerificationTemplateData.FieldsEntry
VerificationTemplateField
A field defined in a template
Field |
Type |
Description |
field_share_type |
VerificationShareType |
Whether this field may be omitted on proof creation |
usage_policy |
string |
User-facing explanation of what is done with this data |
TODO - Future work supporting proof conditionals/ranges/etc |
VerificationTemplateFieldPatch
A patch to apply to an existing template field
Field |
Type |
Description |
field_share_type |
VerificationShareType |
Human-readable name of the field |
usage_policy |
string |
User-facing explanation of what is done with this data |
FieldType
Valid types for credential fields
Name |
Number |
Description |
STRING |
0 |
|
NUMBER |
1 |
|
BOOL |
2 |
|
DATETIME |
4 |
|
URI |
5 |
|
UriRenderMethod
How to display a URI value when rendering a credential.
Name |
Number |
Description |
TEXT |
0 |
Display URI as text |
LINK |
1 |
Display URI as a clickable link |
INLINE_IMAGE |
2 |
Display URI as an inline image. Only takes effect if the template field's MIME Type is an image type. |
VerificationShareType
Name |
Number |
Description |
OPTIONAL |
0 |
|
REQUIRED |
1 |
|
Top
services/verifiable-credentials/v1/verifiable-credentials.proto
Service - VerifiableCredential
AcceptCredentialRequest
Field |
Type |
Description |
document_json |
string |
The JSON document that contains the credential offer |
item_id |
string |
The ID of the credential offer (Parameter ID inside the JSON document) |
AcceptCredentialResponse
Field |
Type |
Description |
item_id |
string |
The ID of the item in the wallet that contains the issued credential |
document_json |
string |
The JSON document that contains the issued credential. This item is already stored in the wallet. |
CheckStatusRequest
Request to check a credential's revocation status
Field |
Type |
Description |
credential_status_id |
string |
Credential Status ID to check. This is not the same as the credential's ID. |
CheckStatusResponse
Response to CheckStatusRequest
Field |
Type |
Description |
revoked |
bool |
The credential's revocation status |
CreateCredentialOfferRequest
Field |
Type |
Description |
template_id |
string |
ID of template to use |
values_json |
string |
JSON document string with keys corresponding to the fields of the template referenced by template_id |
holder_binding |
bool |
If true, the credential will be issued with holder binding by specifying the holder DID in the credential subject |
include_governance |
bool |
If true, the issued credential will contain an attestation of the issuer's membership in the ecosystem's Trust Registry. |
generate_share_url |
bool |
If true, a short URL link will be generated that can be used to share the credential offer with the holder. This link will point to the credential offer in the wallet app. |
signature_type |
SignatureType |
The type of signature to use when signing the credential. Defaults to EXPERIMENTAL . |
CreateCredentialOfferResponse
Field |
Type |
Description |
document_json |
string |
The JSON document that contains the credential offer |
share_url |
string |
If requested, a URL that can be used to share the credential offer with the holder. This is a short URL that can be used in a QR code and will redirect the holder to the credential offer using the wallet app. |
CreateProofRequest
Request to create a proof for a Verifiable Credential using public key tied to caller.
Either item_id
, or document_json
may be provided, not both.
Field |
Type |
Description |
reveal_document_json |
string |
A valid JSON-LD frame describing which fields should be revealed in the generated proof. If unspecified, all fields in the document will be revealed |
reveal_template |
RevealTemplateAttributes |
Information about what sections of the document to reveal |
verification_template_id |
string |
Id of verification template with which to construct the JSON-LD proof document |
item_id |
string |
ID of wallet item stored in a Trinsic cloud wallet |
document_json |
string |
A valid JSON-LD Verifiable Credential document string with an unbound signature. The proof will be derived from this document directly. The document will not be stored in the wallet. |
use_verifiable_presentation |
bool |
Wrap the output in a verifiable presentation. If the credential used in the proof is bound to the holder DID, the output will always use a verifiable presentation and this field will be ignored. |
nonce |
bytes |
Nonce value used to derive the proof. If not specified, a random nonce will be generated. This value may be represented in base64 format in the proof model. |
CreateProofResponse
Response to CreateProofRequest
Field |
Type |
Description |
proof_document_json |
string |
Valid JSON-LD proof for the specified credential |
IssueFromTemplateRequest
Request to create and sign a JSON-LD Verifiable Credential from a template using public key tied to caller
Field |
Type |
Description |
template_id |
string |
ID of template to use |
values_json |
string |
JSON document string with keys corresponding to the fields of the template referenced by template_id |
save_copy |
bool |
Save a copy of the issued credential to this user's wallet. This copy will only contain the credential data, but not the secret proof value. Issuers may use this data to keep track of the details for revocation status. |
expiration_date |
string |
The ISO8601 expiration UTC date of the credential. This is a reserved field in the VC specification. If specified, the issued credential will contain an expiration date. https://www.w3.org/TR/vc-data-model/#expiration |
include_governance |
bool |
If true, the issued credential will contain an attestation of the issuer's membership in the ecosystem's Trust Registry. |
signature_type |
SignatureType |
The type of signature to use when signing the credential. Defaults to EXPERIMENTAL . |
IssueFromTemplateResponse
Response to IssueFromTemplateRequest
Field |
Type |
Description |
document_json |
string |
Verifiable Credential document, in JSON-LD form, constructed from the specified template and values; signed with public key tied to caller of IssueFromTemplateRequest |
RejectCredentialRequest
Field |
Type |
Description |
document_json |
string |
The JSON document that contains the credential offer |
item_id |
string |
The ID of the credential offer (Parameter ID inside the JSON document) |
RejectCredentialResponse
RevealTemplateAttributes
Field |
Type |
Description |
template_attributes |
string[] |
A list of document attributes to reveal. If unset, all attributes will be returned. |
SendRequest
Request to send a document to another user's wallet
Field |
Type |
Description |
email |
string |
Email address of user to whom you'll send the item |
wallet_id |
string |
Wallet ID of the recipient within the ecosystem |
did_uri |
string |
DID URI of the recipient |
phone_number |
string |
SMS of user to whom you'll send the item |
send_notification |
bool |
Send email notification that credential has been sent to a wallet |
document_json |
string |
JSON document to send to recipient |
SendResponse
Response to SendRequest
UpdateStatusRequest
Request to update a credential's revocation status
Field |
Type |
Description |
credential_status_id |
string |
Credential Status ID to update. This is not the same as the credential's ID. |
revoked |
bool |
New revocation status of credential |
UpdateStatusResponse
Response to UpdateStatusRequest
ValidationMessage
Result of a validation check on a proof
Field |
Type |
Description |
is_valid |
bool |
Whether this validation check passed |
messages |
string[] |
If validation failed, contains messages explaining why |
VerifyProofRequest
Request to verify a proof
Field |
Type |
Description |
proof_document_json |
string |
JSON-LD proof document string to verify |
VerifyProofResponse
Response to VerifyProofRequest
Field |
Type |
Description |
is_valid |
bool |
Whether all validations in validation_results passed |
validation_results |
VerifyProofResponse.ValidationResultsEntry[] |
Results of each validation check performed, such as schema conformance, revocation status, signature, etc. Detailed results are provided for failed validations. |
VerifyProofResponse.ValidationResultsEntry
SignatureType
Name |
Number |
Description |
UNSPECIFIED |
0 |
The signature type is not specified. The experimental signature type will be used. |
STANDARD |
1 |
The signature type uses EdDSA with the Ed25519 curve (NIST compliant). This type of signature does not support selective disclosure of attributes. |
EXPERIMENTAL |
2 |
The signature type uses BBS signatures with BLS12-381 curve (experimental). This type of signature allows for selective disclosure of attributes. |
Top
services/options/field-options.proto
AnnotationOption
Field |
Type |
Description |
active |
bool |
Is this annotation active |
message |
string |
Custom annotation message to provide |
SdkTemplateOption
Field |
Type |
Description |
anonymous |
bool |
Whether the service endpoint allows anonymous (no auth token necessary) authentication This is used by the protoc-gen-trinsic-sdk plugin for metadata. |
ignore |
bool |
Whether the SDK template generator should ignore this method. This method will be wrapped manually. |
no_arguments |
bool |
Whether the SDK template generator should generate this method without arguments, eg ProviderService.GetEcosystemInfo() where the request object is empty |
experimental |
AnnotationOption |
This endpoint is experimental. Consider it in beta, so documentation may be incomplete or incorrect. |
deprecated |
AnnotationOption |
This endpoint is deprecated. It will be removed in the future. |
File-level Extensions
Extension |
Type |
Base |
Number |
Description |
optional |
bool |
.google.protobuf.FieldOptions |
60000 |
Whether field is optional in Trinsic's backend. This is not the same as an optional protobuf label; it only impacts documentation generation for the field. |
sdk_template_option |
SdkTemplateOption |
.google.protobuf.MethodOptions |
60001 |
|
Top
services/connect/v1/connect.proto
Service - Connect
The Connect service provides access to Trinsic Connect, a reusable identity verification service.
CancelSessionRequest
Request to cancel an Identity Verification Session
Field |
Type |
Description |
idv_session_id |
string |
The ID of the IDVSession to cancel |
CancelSessionResponse
Response to CancelIDVSessionRequest
Field |
Type |
Description |
session |
IDVSession |
The IDVSession in its current state after cancellation |
CreateSessionRequest
Request to create an Identity Verification Session
CreateSessionResponse
Response to CreateIDVSessionRequest
Field |
Type |
Description |
session |
IDVSession |
The created IDVSession |
GetSessionRequest
Request to get an IDVSession
Field |
Type |
Description |
idv_session_id |
string |
The ID of the IDVSession to get |
GetSessionResponse
Response to GetIDVSessionRequest
Field |
Type |
Description |
session |
IDVSession |
The IDVSession |
IDVSession
An Identity Verification Session
Field |
Type |
Description |
id |
string |
The ID of the IDVSession. |
client_token |
string |
The Client Token for this IDVSession. This should be passed to your frontend to initiate the IDV flow using Trinsic's Web SDK. |
state |
IDVSessionState |
State of the IDVSession |
verifications |
IDVSession.VerificationsEntry[] |
The actual Verifications to perform in this IDV flow |
fail_code |
SessionFailCode |
The reason for the IDVSession's failure. Only set if state is IDV_FAILED . |
result_vp |
string |
The resultant signed VP combining the results of all verifications |
created |
fixed64 |
The unix timestamp, in seconds, that this IDVSession was created |
updated |
fixed64 |
The unix timestamp, in seconds, that this IDVSession's state was last updated |
IDVSession.VerificationsEntry
ListSessionsRequest
Request to list all IDVSessions you've created
Field |
Type |
Description |
order_by |
SessionOrdering |
The field by which sessions should be sorted. Defaults to CREATED . |
order_direction |
services.common.v1.OrderDirection |
The order in which sessions should be sorted. Defaults to ASCENDING . |
page_size |
int32 |
The number of results to return per page. Must be between 1 and 10 , inclusive. Defaults to 10 . |
page |
int32 |
The page index of results to return. Starts at 1 . Defaults to 1 . |
ListSessionsResponse
Response to ListIDVSessionsRequest
Field |
Type |
Description |
sessions |
IDVSession[] |
The sessions you've created |
total |
int32 |
The total number of sessions you've created |
more |
bool |
If true , this is not the last page of results. If false , this is the last page of results. |
RequestedVerification
A verification to perform in an IDV flow
Field |
Type |
Description |
type |
VerificationType |
The type of verification to perform |
Verification
A Verification that is part of an IDVSession
Field |
Type |
Description |
id |
string |
The ID of the verification |
type |
VerificationType |
The type of verification (driver's license, passport, proof of address, etc) |
state |
VerificationState |
The state of the verification |
fail_code |
VerificationFailCode |
The reason for the Verification's failure. Only set if state is VERIFICATION_FAILED . |
reused |
bool |
Whether this was a reused (true) or fresh (false) verification. If state is not VERIFICATION_SUCCESS , this field is false and does not convey useful information. |
begun |
fixed64 |
The unix timestamp, in seconds, when this verification was begun by the user -- or 0 if not yet begun. |
updated |
fixed64 |
The unix timestamp, in seconds, when this verification last changed state -- o |
IDVSessionState
The states a VerificationSession can be in
Name |
Number |
Description |
IDV_CREATED |
0 |
Session has been created, but not yet shown to user |
IDV_INITIATED |
1 |
Session has been shown to user (iframe / popup opened), but user has not yet logged in. |
IDV_AUTHENTICATING |
2 |
User has entered their phone number, but not yet authenticated with the code sent via SMS |
IDV_IN_PROGRESS |
3 |
User has been authenticated and is performing identity verification |
IDV_SUCCESS |
4 |
Session was completed successfully and IDV data is available to RP |
IDV_FAILED |
5 |
The session failed; reason is present in fail_code . |
SessionFailCode
The specific reason an IDVSession is in the Failed
state
Name |
Number |
Description |
SESSION_FAIL_NONE |
0 |
The Session is not in a failure state. |
SESSION_FAIL_INTERNAL |
1 |
An internal Trinsic error caused this session to fail |
SESSION_FAIL_VERIFICATION_FAILED |
2 |
The session failed because one or more of the verifications failed. The reason for the failure is present in the fail_reason field of the relevant Verification object(s). |
SESSION_FAIL_AUTHENTICATION |
3 |
The session failed because the user failed to authenticate with their phone number too many times. |
SESSION_FAIL_EXPIRED |
4 |
The session expired |
SESSION_FAIL_USER_CANCELED |
5 |
The user canceled / rejected the session |
SESSION_FAIL_RP_CANCELED |
6 |
The RP canceled the session |
SessionOrdering
Controls how sessions are ordered in ListSessions
Name |
Number |
Description |
CREATED |
0 |
Order sessions according to when they were created |
UPDATED |
1 |
Order sessions according to when they last changed state |
STATE |
2 |
Order sessions according to their numerical state |
VerificationFailCode
The specific reason a Verification is in the Failed
state
Name |
Number |
Description |
VERIFICATION_FAIL_NONE |
0 |
The verification is not in a failure state |
VERIFICATION_FAIL_INTERNAL |
1 |
An internal Trinsic error caused this verification to fail |
VERIFICATION_FAIL_INVALID_IMAGE |
2 |
The image(s) provided for this verification were either too low-quality, not of the correct type, or otherwise unable to be processed. This failure reason is non-terminal; the user is able to retry the verification. |
VERIFICATION_FAIL_INAUTHENTIC |
3 |
The identity data/images provided are suspected to be inauthentic, fraudulent, or forged. |
VERIFICATION_FAIL_UNSUPPORTED_DOCUMENT |
4 |
The document provided is either of an unsupported type, or from an unsupported country. |
VerificationState
The states an individual Verification can be in
Name |
Number |
Description |
VERIFICATION_PENDING |
0 |
This verification has not yet been performed in the flow |
VERIFICATION_PENDING_REUSE |
1 |
This verification has been started by the user, and can be reused from a previous verification, but the user has not yet decided whether to reuse it. |
VERIFICATION_STARTED |
2 |
This verification has been started by the user, but not yet completed |
VERIFICATION_SUCCESS |
3 |
This verification has been successfully completed |
VERIFICATION_FAILED |
4 |
This verification has failed |
VerificationType
The type of verification to perform
Name |
Number |
Description |
GOVERNMENT_ID |
0 |
Government-issued ID (driver's license, passport, etc) |
Top
services/file-management/v1/file-management.proto
Service - FileManagement
DeleteFileRequest
Request to delete a file from Trinsic's CDN by ID
Field |
Type |
Description |
id |
string |
ID of file to delete |
DeleteFileResponse
Response to DeleteFileRequest
. Empty payload.
File
Contains information about a file stored in Trinsic's CDN
Field |
Type |
Description |
id |
string |
ID of file, generated randomly by Trinsic on upload |
uploader_id |
string |
Wallet ID of uploader |
size |
uint32 |
Size, in bytes, of file |
mime_type |
string |
Uploader-provided MIME type of file |
uploaded |
string |
ISO 8601 timestamp of when file was uploaded to Trinsic |
url |
string |
CDN URL of file |
GetFileRequest
Request to fetch information about a stored file
Field |
Type |
Description |
id |
string |
ID of file to fetch |
GetFileResponse
Response to GetFileRequest
Field |
Type |
Description |
file |
File |
File specified by id parameter of GetFileRequest . |
GetStorageStatsRequest
Request to get statistics about files uploaded by this account
GetStorageStatsResponse
Response to GetStorageStatsRequest
Field |
Type |
Description |
stats |
StorageStats |
Statistics about files uploaded by the calling account |
ListFilesRequest
Request to list files
Field |
Type |
Description |
query |
string |
Query to search with. If not specified, will return the most recent 100 files. |
continuation_token |
string |
Token provided by previous ListFilesRequest if more data is available for query |
ListFilesResponse
Response to ListFilesRequest
Field |
Type |
Description |
files |
File[] |
Files found by query |
has_more_results |
bool |
Whether more results are available for this query via continuation_token |
continuation_token |
string |
Token to fetch next set of results via ListFilesRequest |
StorageStats
Represents aggregate statistics of all files uploaded by a single issuer
Field |
Type |
Description |
num_files |
uint32 |
Number of files uploaded by this account |
total_size |
uint64 |
Sum total size of all files, in bytes |
UploadFileRequest
Request to upload a file to Trinsic's CDN
Field |
Type |
Description |
contents |
bytes |
Raw content of file |
mime_type |
string |
MIME type describing file contents |
UploadFileResponse
Response to UploadFileRequest
Field |
Type |
Description |
uploaded_file |
File |
Information about newly-uploaded file |
Top
services/universal-wallet/v1/universal-wallet.proto
Service - UniversalWallet
Service for managing wallets
AddExternalIdentityConfirmRequest
Field |
Type |
Description |
challenge |
string |
The challenge received from the AddExternalIdentityInit endpoint |
response |
string |
The response to the challenge. If using Email or Phone, this is the OTP code sent to the user's email or phone |
AddExternalIdentityConfirmResponse
AddExternalIdentityInitRequest
Field |
Type |
Description |
identity |
string |
The user identity to add to the wallet This can be an email address or phone number (formatted as +[country code][phone number]) |
provider |
services.provider.v1.IdentityProvider |
The type of identity provider, like EMAIL or PHONE |
AddExternalIdentityInitResponse
Field |
Type |
Description |
challenge |
string |
Challenge or reference to the challenge to be used in the AddExternalIdentityConfirm endpoint |
AuthenticateConfirmRequest
Field |
Type |
Description |
challenge |
string |
The challenge received from the AcquireAuthTokenInit endpoint |
response |
string |
The response to the challenge. If using Email or Phone, this is the OTP code sent to the user's email or phone |
AuthenticateConfirmResponse
Field |
Type |
Description |
auth_token |
string |
Auth token for the wallet |
AuthenticateInitRequest
AuthenticateInitResponse
Field |
Type |
Description |
challenge |
string |
The challenge received from the AcquireAuthTokenInit endpoint Pass this challenge back to the AcquireAuthTokenConfirm endpoint |
AuthenticateResendCodeRequest
Field |
Type |
Description |
challenge |
string |
Challenge for the code you want resent. |
AuthenticateResendCodeResponse
CreateWalletRequest
Field |
Type |
Description |
ecosystem_id |
string |
Ecosystem ID of the wallet to create |
description |
string |
Wallet name or description. Use this field to add vendor specific information about this wallet, such as email, phone, internal ID, or anything you'd like to associate with this wallet. This field is searchable. |
identity |
CreateWalletRequest.ExternalIdentity |
Optional identity to add to the wallet (email or sms). Use this field when inviting participants into an ecosystem. If this field is set, an auth token will not be sent in the response. |
CreateWalletRequest.ExternalIdentity
Field |
Type |
Description |
identity |
string |
The user identity to add to the wallet This can be an email address or phone number (formatted as +[country code][phone number]) |
provider |
services.provider.v1.IdentityProvider |
The type of identity provider, like EMAIL or PHONE |
CreateWalletResponse
DeleteItemRequest
Request to delete an item in a wallet
Field |
Type |
Description |
item_id |
string |
ID of item to delete |
DeleteItemResponse
Response to DeleteItemRequest
DeleteWalletRequest
Request to delete a wallet
Field |
Type |
Description |
email |
string |
Email address of account to delete. Mutually exclusive with walletId and didUri . |
wallet_id |
string |
Wallet ID of account to delete. Mutually exclusive with email and didUri . |
did_uri |
string |
DID URI of the account to delete. Mutually exclusive with email and walletId . |
DeleteWalletResponse
Response to DeleteWalletRequest
. Empty payload.
GenerateAuthTokenRequest
Field |
Type |
Description |
wallet_id |
string |
|
token_description |
string |
|
GenerateAuthTokenResponse
GetItemRequest
Request to fetch an item from wallet
Field |
Type |
Description |
item_id |
string |
ID of item in wallet |
GetItemResponse
Response to GetItemRequest
Field |
Type |
Description |
item_json |
string |
Item data as a JSON string |
item_type |
string |
Type of item specified when item was inserted into wallet |
GetMyInfoRequest
Request to retrieve wallet information about the currently authenticated wallet
GetMyInfoResponse
Response to GetMyInfoRequest
GetWalletFromExternalIdentityRequest
GetWalletFromExternalIdentityResponse
Response to GetWalletFromExternalIdentityRequest
GetWalletInfoRequest
Request to retrieve wallet information about a given wallet identified by its wallet ID
Field |
Type |
Description |
wallet_id |
string |
Wallet ID of the wallet to retrieve |
GetWalletInfoResponse
Response to GetWalletInfoRequest
InsertItemRequest
Request to insert a JSON document into a wallet
Field |
Type |
Description |
item_json |
string |
Document to insert; must be stringified JSON |
item_type |
string |
Item type (ex. "VerifiableCredential") |
InsertItemResponse
Response to InsertItemRequest
Field |
Type |
Description |
item_id |
string |
ID of item inserted into wallet |
ListByVerificationTemplateRequest
Request to list templates by
Field |
Type |
Description |
verification_template_id |
string |
ID of verification template to list matching credentials |
continuation_token |
string |
Token provided by previous ListCredentialTemplatesResponse if more data is available for query |
ListByVerificationTemplateResponse
Response to ListByVerificationTemplateRequest
Field |
Type |
Description |
items |
string[] |
Array of query results, as JSON strings |
has_more_results |
bool |
Whether more results are available for this query via continuation_token |
continuation_token |
string |
Token to fetch next set of results via ListByVerificationTemplateRequest |
ListWalletsRequest
Field |
Type |
Description |
filter |
string |
|
ListWalletsResponse
RemoveExternalIdentityRequest
Field |
Type |
Description |
identity |
string |
The user identity to remove from the wallet This can be an email address or phone number (formatted as +[country code][phone number]) |
RemoveExternalIdentityResponse
RevokeAuthTokenRequest
Request to revoke a previously issued auth token
Field |
Type |
Description |
wallet_id |
string |
Wallet ID of the wallet to from which to revoke the token |
token_id |
string |
Token ID of the token to revoke |
RevokeAuthTokenResponse
SearchRequest
Request to search items in wallet
Field |
Type |
Description |
query |
string |
SQL Query to execute against items in wallet |
continuation_token |
string |
Token provided by previous SearchResponse if more data is available for query |
SearchResponse
Response to SearchRequest
Field |
Type |
Description |
items |
string[] |
Array of query results, as JSON strings |
has_more_results |
bool |
Whether more results are available for this query via continuation_token |
continuation_token |
string |
Token to fetch next set of results via SearchRequest |
UpdateItemRequest
Request to update item in wallet
Field |
Type |
Description |
item_id |
string |
ID of item in wallet |
item_type |
string |
Item type (ex. "VerifiableCredential") |
UpdateItemResponse
Response to UpdateItemRequest
Top
services/common/v1/common.proto
Nonce
Nonce used to generate an oberon proof
Field |
Type |
Description |
timestamp |
int64 |
UTC unix millisecond timestamp the request was made |
request_hash |
bytes |
blake3256 hash of the request body |
TrinsicClientOptions
Field |
Type |
Description |
server_endpoint |
string |
Trinsic API endpoint. Defaults to prod.trinsic.cloud |
server_port |
int32 |
Trinsic API port; defaults to 443 |
server_use_tls |
bool |
Whether TLS is enabled between SDK and Trinsic API; defaults to true |
auth_token |
string |
Authentication token for SDK calls; defaults to empty string (unauthenticated) |
OrderDirection
The direction to order results
Name |
Number |
Description |
ASCENDING |
0 |
|
DESCENDING |
1 |
|
ResponseStatus
Name |
Number |
Description |
SUCCESS |
0 |
|
WALLET_ACCESS_DENIED |
10 |
|
WALLET_EXISTS |
11 |
|
ITEM_NOT_FOUND |
20 |
|
SERIALIZATION_ERROR |
200 |
|
UNKNOWN_ERROR |
100 |
|
SupportedDidMethod
Enum of all supported DID Methods
https://docs.godiddy.com/en/supported-methods
Name |
Number |
Description |
KEY |
0 |
The did:key method -- all wallets use this by default |
ION |
1 |
The did:ion method -- Sidetree implementation on top of Bitcoin by Microsoft |
INDY |
2 |
The did:sov method -- Hyperledger Indy based by Sovrin Foundation |
Top
sdk/options/v1/options.proto
TrinsicOptions
Configuration for Trinsic SDK Services
Field |
Type |
Description |
server_endpoint |
string |
Trinsic API endpoint. Defaults to prod.trinsic.cloud |
server_port |
int32 |
Trinsic API port; defaults to 443 |
server_use_tls |
bool |
Whether TLS is enabled between SDK and Trinsic API; defaults to true |
auth_token |
string |
Authentication token for SDK calls; defaults to empty string (unauthenticated) |
Default ecosystem ID to use for various SDK calls; defaults to default
string default_ecosystem = 5; |
Scalar Value Types
.proto Type |
Notes |
C++ |
Java |
Python |
Go |
C# |
PHP |
double |
|
double |
double |
float |
float64 |
double |
float |
float |
|
float |
float |
float |
float32 |
float |
float |
int32 |
Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint32 instead. |
int32 |
int |
int |
int32 |
int |
integer |
int64 |
Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint64 instead. |
int64 |
long |
int/long |
int64 |
long |
integer/string |
uint32 |
Uses variable-length encoding. |
uint32 |
int |
int/long |
uint32 |
uint |
integer |
uint64 |
Uses variable-length encoding. |
uint64 |
long |
int/long |
uint64 |
ulong |
integer/string |
sint32 |
Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s. |
int32 |
int |
int |
int32 |
int |
integer |
sint64 |
Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s. |
int64 |
long |
int/long |
int64 |
long |
integer/string |
fixed32 |
Always four bytes. More efficient than uint32 if values are often greater than 2^28. |
uint32 |
int |
int |
uint32 |
uint |
integer |
fixed64 |
Always eight bytes. More efficient than uint64 if values are often greater than 2^56. |
uint64 |
long |
int/long |
uint64 |
ulong |
integer/string |
sfixed32 |
Always four bytes. |
int32 |
int |
int |
int32 |
int |
integer |
sfixed64 |
Always eight bytes. |
int64 |
long |
int/long |
int64 |
long |
integer/string |
bool |
|
bool |
boolean |
boolean |
bool |
bool |
boolean |
string |
A string must always contain UTF-8 encoded or 7-bit ASCII text. |
string |
String |
str/unicode |
string |
string |
string |
bytes |
May contain any arbitrary sequence of bytes. |
string |
ByteString |
str |
[]byte |
ByteString |
string |