createSdJwtCredential
function is an asynchronous method that generates a Signed Selective Disclosure JSON Web Token (SD-JWT) credential.
Installation
Function Signature
TypeScript
Parameters
privateKey
(string): is an RSA PEM key in String format, or a secp256k1 key in hex string.issuer
(string): is a URL that contains the Issuer’s Public key for verifying the VC’s signature (e.g.,https://static.terminal3.io/jwks.json
), or the Issuer’s DID (e.g.,did:key:<issuer_public_key>
).claims
(object): is an object that contains any information related to the user (e.g.,{ first_name: "Joey" }
).vct
(string): is the Verifiable Credential Type, and it should be a single name (e.g.,KycCredential
).disclosureFrame
(string[], optional): is used to specify which claim attributes the Issuers want to disclose. The list of attributes must be from claims. (e.g.,["first_name"]
).signAlg
(SdJwtSignerAlgorithm, optional): specify the algorithm for signing the VC, the current supported algorithms areRSA
orES256K
.hashAlg
(SdJwtHashAlgorithm, optional): specify the algorithm for hashing Disclosures, the current supported algorithm issha-256
.hasher
(Function, optional): to customize the hashing function, the default is usingSHA-256
.saltGenerator
(Function, optional): to customize the salt generator function, default is using randomBytes(length = 16).toString(‘hex’) from thecrypto
package.
Returns
Promise<string>
: A promise that resolves to an string representing the signed credential. This string contains JWT tokens as follows:
Exceptions
Throws an error if the signature type is unsupported or if the issuer’s identity type does not match the required type for the specified signature method (e.g., an issuer must be a DID for ES256K, and URL for RSA).Examples
TypeScript