Skip to content
Vidos Logo Vidos

Understanding Credential Schemas

What are Credential Schemas?

Section titled “What are Credential Schemas?”

Credential schemas are structural blueprints that define the format and constraints of verifiable credentials. They provide a standardized way to express what data a credential contains and how that data should be structured. Just as physical credentials like driver’s licenses follow consistent templates, digital credential schemas ensure consistent data formatting across the verifiable credentials ecosystem.

Credential schemas serve as a trust mechanism that enables all participants in the verifiable credentials ecosystem—issuers, holders, and verifiers—to consistently interpret credential data. When an issuer creates a credential according to a published schema, verifiers can validate that the credential conforms to the expected structure.

How Credential Schemas Fit into the VC Ecosystem

Section titled “How Credential Schemas Fit into the VC Ecosystem”

In the verifiable credentials ecosystem, schemas play a pivotal role in data integrity, interoperability, and trust:

graph TD
    A[Issuer] -->|Creates credentials using| B[Credential Schema]
    C[Holder] -->|Presents credentials conforming to| B
    D[Verifier] -->|Validates credentials against| B
    B -->|Ensures consistency in| E[Data Interpretation]
    B -->|Provides structure for| F[Credential Claims]
    B -->|Enables| G[Interoperability]

The W3C Verifiable Credentials Data Model defines an abstract model for credential schemas through the credentialSchema property, which helps verifiers determine if a credential conforms to a specific structure. This is particularly important when:

  • Different credential types need standardization across multiple issuers
  • Verifiers need to process credentials from various sources
  • Programmatic verification of credential structure is required
  • Industry-specific templates need to be established

JSON Schema Implementation

Section titled “JSON Schema Implementation”

The W3C Verifiable Credentials JSON Schema specification provides a concrete implementation of credential schemas using JSON Schema. This approach leverages existing JSON Schema standards to define structural validation rules for verifiable credentials.

Basic Structure

Section titled “Basic Structure”

A credential schema reference in a verifiable credential looks like this:

"credentialSchema": {
  "id": "https://example.com/schemas/email.json",
  "type": "JsonSchema"
}

The id property points to the actual JSON Schema document that defines the structure, while the type property specifies the validation mechanism (in this case, JSON Schema).

Schema Definition Example

Section titled “Schema Definition Example”

When you dereference the schema URL, you’ll find a JSON Schema document like this:

{
    "$id": "https://example.com/schemas/email.json",
    "$schema": "https://json-schema.org/draft/2020-12/schema",
    "title": "EmailCredential",
    "description": "EmailCredential using JsonSchema",
    "type": "object",
    "properties": {
        "credentialSubject": {
            "type": "object",
            "properties": {
                "emailAddress": {
                    "type": "string",
                    "format": "email"
                }
            },
            "required": ["emailAddress"]
        }
    }
}

This schema validates that credentials have a credentialSubject property with an emailAddress that conforms to email formatting rules.

JsonSchemaCredential

Section titled “JsonSchemaCredential”

For cases where additional trust and verification of the schema itself are needed, schemas can also be packaged as verifiable credentials. This allows for:

  • Verification of schema authorship
  • Validation of schema validity periods
  • Prevention of schema tampering

A JsonSchemaCredential combines the features of verifiable credentials with JSON Schema, creating a schema that itself comes with cryptographic proofs.

Schema Resolution and Validation

Section titled “Schema Resolution and Validation”

When processing a verifiable credential, schema validation typically follows these steps:

  1. Identify the credential schema reference via the credentialSchema property
  2. Resolve the schema by dereferencing the schema URL
  3. Validate the credential structure against the schema
  4. Continue with other verification steps if schema validation succeeds

Schema resolution—the process of dereferencing a schema URL to obtain the actual schema—is a crucial step that may involve security considerations, especially when schemas are hosted on remote servers.

Implementation Considerations

Section titled “Implementation Considerations”

When working with credential schemas, consider these important aspects:

Validation Scope

Section titled “Validation Scope”

Schemas can validate different parts of a credential:

  • The entire credential structure
  • Just the credentialSubject properties
  • Specific properties within the credential

Versioning

Section titled “Versioning”

As credential requirements evolve, schema versioning becomes important:

  • Consider including version information in schema URLs
  • Manage backward compatibility carefully
  • Document schema changes for all ecosystem participants

Privacy Implications

Section titled “Privacy Implications”

Schema design can impact privacy:

  • Overly specific schemas may leak sensitive information
  • Schemas should support data minimization principles
  • Consider schemas that enable selective disclosure of credential data

Storage and Distribution

Section titled “Storage and Distribution”

How schemas are stored and distributed affects the ecosystem:

  • Centralized repositories provide convenience but introduce single points of failure
  • Decentralized storage enhances resilience but may complicate resolution
  • Consider caching mechanisms for frequently used schemas

Relationship to Data Integrity

Section titled “Relationship to Data Integrity”

Credential schemas work in conjunction with data integrity mechanisms to provide comprehensive trust:

  • Schemas ensure the credential has the correct structure and data types
  • Data integrity proofs (like digital signatures) ensure the credential hasn’t been tampered with
  • Status mechanisms verify that the credential hasn’t been revoked

Together, these mechanisms create a robust foundation for trusted credential exchange.

Conclusion

Section titled “Conclusion”

Credential schemas are essential building blocks in the verifiable credentials ecosystem, providing structured templates that enable consistent interpretation of credential data across different parties. By implementing well-designed schemas, you can enhance interoperability, establish trust, and facilitate automated processing of credentials throughout your verification workflows.

While schemas define what a credential should contain, remember that they’re just one part of a comprehensive verification strategy that should also include cryptographic verification, status checking, and trust establishment.