Skip to content
Vidos Logo Vidos

Methods

Overview

Section titled “Overview”

This page describes the Digital Credentials API methods (navigator.credentials.get() and navigator.credentials.create()) and the request/response shapes they carry.

The Digital Credentials API extends Credential Management Level 1 by adding a digital member to:

  • CredentialRequestOptions (used with navigator.credentials.get())
  • CredentialCreationOptions (used with navigator.credentials.create())

The digital member carries a list of protocol-specific requests.

Presentation request (navigator.credentials.get)

Section titled “Presentation request (navigator.credentials.get)”

A presentation request uses CredentialRequestOptions.digital with one or more DigitalCredentialGetRequest items:

  • protocol (string): a protocol identifier
  • data (object): protocol-defined request data

Conceptually:

const credential = await navigator.credentials.get({
    digital: {
        requests: [
            {
                protocol: 'example-request-protocol',
                data: {
                    /* protocol-defined request data */
                },
            },
        ],
    },
});

The returned value is a DigitalCredential, which includes:

  • protocol: the protocol used for the interaction
  • data: protocol-defined response data (JSON-parseable object types)

Issuance request (navigator.credentials.create)

Section titled “Issuance request (navigator.credentials.create)”

Issuance uses CredentialCreationOptions.digital with one or more DigitalCredentialCreateRequest items:

  • protocol (string): a protocol identifier
  • data (object): protocol-defined issuance request data

Conceptually:

const credential = await navigator.credentials.create({
    digital: {
        requests: [
            {
                protocol: 'example-issuance-protocol',
                data: {
                    /* protocol-defined issuance request data */
                },
            },
        ],
    },
});

User mediation, activation, and secure context

Section titled “User mediation, activation, and secure context”

Key requirements in the specification include:

  • operations require transient activation (for example, a user click)
  • user activation is consumed for each request
  • the DigitalCredential interface is exposed only in a secure context

The API is designed so that a website cannot silently request or issue credentials.

Protocol support checks

Section titled “Protocol support checks”

The API includes a feature-detection method:

  • DigitalCredential.userAgentAllowsProtocol(protocol: DOMString): boolean

This method is intentionally constrained so it does not reveal credential availability. For example, user agents must not change the response based on installed wallets or stored credentials.

Where Vidos fits

Section titled “Where Vidos fits”

Vidos does not define the browser API. Instead, Vidos provides request and response structures for specific protocols that are carried through the API.

For example, in the OpenID4VP DC API profile, the protocol identifier is openid4vp-v1-unsigned or openid4vp-v1-signed, and the data object is an OpenID4VP authorization request object.

See Protocol registry and Digital Credentials API integration (OpenID4VP).