Structure Overview
A Verifiable Credential is a JSON-LD document containing metadata, claims about a subject, and a cryptographic proof. The structure is designed to be extensible while maintaining interoperability.
Required Properties
These properties MUST be present in every conforming Verifiable Credential.
| Property | Type | Required | Description |
|---|---|---|---|
| @context | Array<string | object> | Required | Must start with "https://www.w3.org/ns/credentials/v2". Defines vocabulary and semantics. |
| type | Array<string> | Required | Must include "VerifiableCredential". Can include additional types like "UniversityDegreeCredential". |
| issuer | string | object | Required | Identifier (usually a DID) of the entity that issued the credential. Can include name and other properties. |
| credentialSubject | object | Array<object> | Required | Contains claims about one or more subjects. Each subject can have an optional "id" property. |
@contextRequiredArray<string | object>Must start with "https://www.w3.org/ns/credentials/v2". Defines vocabulary and semantics.
typeRequiredArray<string>Must include "VerifiableCredential". Can include additional types like "UniversityDegreeCredential".
issuerRequiredstring | objectIdentifier (usually a DID) of the entity that issued the credential. Can include name and other properties.
credentialSubjectRequiredobject | Array<object>Contains claims about one or more subjects. Each subject can have an optional "id" property.
Optional Properties
These properties are optional but provide important functionality for many use cases.
| Property | Type | Required | Description |
|---|---|---|---|
| id | string (URI) | Optional | Unique identifier for the credential. Omitting increases privacy by reducing correlation. |
| validFrom | string (ISO 8601) | Optional | Date/time when the credential becomes valid. Before this time, the credential should not be accepted. |
| validUntil | string (ISO 8601) | Optional | Date/time when the credential expires. After this time, the credential should not be accepted. |
| credentialStatus | object | Optional | References a status list for checking revocation or suspension of the credential. |
| credentialSchema | object | Array<object> | Optional | References schemas that define the structure and validation rules for the credential. |
| name | string | Optional | Human-readable name for the credential. |
| description | string | Optional | Human-readable description of what the credential represents. |
| evidence | Array<object> | Optional | Information about how the issuer verified the claims before issuing the credential. |
| termsOfUse | Array<object> | Optional | Conditions or restrictions on the use of the credential. |
| refreshService | object | Optional | Service endpoint for refreshing or renewing the credential. |
idOptionalstring (URI)Unique identifier for the credential. Omitting increases privacy by reducing correlation.
validFromOptionalstring (ISO 8601)Date/time when the credential becomes valid. Before this time, the credential should not be accepted.
validUntilOptionalstring (ISO 8601)Date/time when the credential expires. After this time, the credential should not be accepted.
credentialStatusOptionalobjectReferences a status list for checking revocation or suspension of the credential.
credentialSchemaOptionalobject | Array<object>References schemas that define the structure and validation rules for the credential.
nameOptionalstringHuman-readable name for the credential.
descriptionOptionalstringHuman-readable description of what the credential represents.
evidenceOptionalArray<object>Information about how the issuer verified the claims before issuing the credential.
termsOfUseOptionalArray<object>Conditions or restrictions on the use of the credential.
refreshServiceOptionalobjectService endpoint for refreshing or renewing the credential.
Privacy Tip
Omitting the id property reduces correlation risk. Without a unique ID, different verifiers cannot easily link presentations of the same credential.
Temporal Validity
validFrom and validUntil define the credential's validity window. Verifiers should reject credentials outside this window.
JSON-LD Context
The @context property maps short-form property names to full URIs, enabling semantic interoperability. It defines the vocabulary used in the credential.
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://www.w3.org/ns/credentials/examples/v2",
{
"alumniOf": "https://schema.org/alumniOf",
"degree": "https://example.org/vocab#degree"
}
]
}What @context Does
- Maps short names like "issuer" to full URIs like "https://www.w3.org/2018/credentials#issuer"
- Enables different systems to understand the same terms consistently
- Allows extension with domain-specific vocabularies
- Supports semantic reasoning and data integration
Complete Example
A complete Verifiable Credential for a university degree, showing required and commonly-used optional properties.
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://www.w3.org/ns/credentials/examples/v2"
],
"id": "urn:uuid:3978344f-8596-4c3a-a978-8fcaba3903c5",
"type": ["VerifiableCredential", "UniversityDegreeCredential"],
"issuer": {
"id": "did:example:76e12ec712ebc6f1c221ebfeb1f",
"name": "Example University"
},
"validFrom": "2024-01-01T00:00:00Z",
"validUntil": "2029-01-01T00:00:00Z",
"credentialSubject": {
"id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
"degree": {
"type": "BachelorDegree",
"name": "Bachelor of Computer Science"
}
},
"credentialStatus": {
"id": "https://example.edu/status/24",
"type": "BitstringStatusListEntry",
"statusPurpose": "revocation",
"statusListIndex": "94567",
"statusListCredential": "https://example.edu/status-list/1"
}
}Issuer Object
The issuer can be a simple DID string or an object with additional properties like name, image, or url.
Credential Status
Using BitstringStatusListEntry allows efficient revocation checking without revealing which credential is being checked.