PingOne Credentials Connector
Use the PingOne Credentials connector to issue, verify, and manage digital verifiable credentials with PingOne Credentials.
The connector sets up flows that help users issue credentials based on credentials templates and issuance rules that are configured and tied to the PingOne Digital Wallet Application.
This connector also helps set up flows that the credential verification service receives and responds to using the Decentralized Identity Foundation’s JWT VC Presentation Profile. Capabilities use the PingOne native protocols, which only work with apps that use the PingOne Neo Native SDKs.
Setup
Resources
For information and setup help, see the following sections of the PingOne Credentials and DaVinci documentation:
Requirements
To use the PingOne Credentials connector, you’ll need:
-
A PingOne license with PingOne credentials (Try PingOne for free)
-
A PingOne environment with a configured application
-
A PingOne application associated with a digital wallet and a Digital Wallet URL used to send notifications to the user related to the credentials
Depending on flow use case and the capabilities you use, you might also need:
-
A PingOne Digital Wallet Application ID, the Identifier (UUID) associated with the credential digital wallet app. For more information on developing and registering the wallet app that runs the PingOne Neo SDK, see Getting started with PingOne Credentials.
-
A Credential Type ID, the Identifier (UUID) associated with the credential type, used by compatible wallet apps. You can learn more about creating and updating a credential type in the PingOne admin console, or PingOne Credential Types API endpoint.
-
A Issuance Rule ID, the Identifier (UUID) of the credential issuance rules operations to create, read, and update rules for issuing, updating, and revoking credentials by credential type. Credential issuance rules can be set through the PingOne admin console, or Credential Issuance Rules API endpoint.
Setting up PingOne
Setting up your PingOne environment
Sign up for PingOne and configure an environment with PingOne Credentials. Make sure to also add the PingOne DaVinci service to your environment. Follow the instructions in Getting started with PingOne and Creating an environment.
Getting your environment details
Get your Environment ID and Region before setting up the PingOne Credentials connector in DaVinci:
-
In your PingOne environment, go to Settings → Environment Properties.
-
Locate the Environment ID and Region.
-
Copy these values to a secure location.
Getting your application credentials
Get the Client ID and Client secret from the PingOne console before setting up the PingOne Credentials connector in DaVinci:
-
In your PingOne environment, go to Applications → Applications. If you haven’t added the application yet, see Adding an application.
-
Locate the appropriate application and then click its entry to open the details panel.
-
On the Profile tab, locate the Client ID and Client secret.
-
Copy these values to a secure location.
Setting up the connector
In DaVinci, go to Connections and add a PingOne Credentials connection. For help, see Adding a connector.
Connector settings
Environment ID
The unique identifier for the appropriate PingOne environment. To find the environment ID, see Environment properties.
Client ID
The unique public identifier for the PingOne application. To find the client ID, see Viewing application details.
Client secret
The cryptographic secret that is known only to the application and the authorization server. To find the client secret, see Viewing a client secret.
Region
The geographic region that hosts your PingOne tenant. To find the region, see Environment properties.
Using the connector in a flow
You can use the PingOne Credentials connector to issue, verify, and manage digital verifiable credentials.
The following example flows show issuance and verification demonstrations.
The example issuance flow contains the following nodes.
-
Simulate user proofing/authentication:
-
The
Get user details
node lets the user input their information into PingOne. -
The
Create user
node creates the user in PingOne.
-
-
Create user digital wallet and pair it to the existing digital wallet application:
-
The
Pair user wallet to application
node creates a digital wallet for the user. The digital wallet application must already be configured in PingOne.
-
-
Determine if mobile device, then show QR code for desktop and link for mobile:
-
The
Determine if Mobile Device
node determines if the user has a mobile device or not. If the user has a mobile device, then the digital wallet app URL opens. If the user is on a desktop, a QR code for the digital wallet app displays.
-
-
Poll and wait until the user has paired their digital wallet:
-
The
Find paired wallet for user
node filters all user wallets to find if a paired wallet exists for the configured PingOne application. -
The
Wallet ACTIVE? A==B
node determines whether a digital wallet for the user has been paired or not. -
The
Continue polling
node continues to check for the digital wallet application status. When the status changes to paired, then the flow continues.
-
-
Apply credential issuance rule to staged changes for the user:
-
The
Issue credentials
node is used to apply the changes staged by the credential issuance rule for the credential type in an environment. -
User wallet successfully paired
node displays a success message to the user when the digital wallet is successfully paired.The example verification flow contains the following nodes.
-
-
Begin a session to verify a user’s credential:
-
The
Create verification session
node lets an issuer begin a verification session to verify a user’s credential. -
The
Show QR Image
node displays a QR code for the user to verify their credential.
-
-
Poll session status and return verification result from the verified credential:
-
The
Poll for verification status
node checks and returns the status of the verification session. -
The
Check verification status
node checks for the verification status to be “verified”. -
The
Return verification data
node returns data from the verified credential. -
The
Show verification data
node displays the verified credential data.
-
Capabilities
Find Paired Wallet for User
Check to see if a user has a paired wallet
Show details
- Properties
- User ID
textField
-
PingOne user ID
- Input Schema
- default
object
- userId
string
required
minLength: 0
maxLength: 100
-
User Id
- Output Schema
- output
object
- pairedDigitalWallets
object
- properties
object
- size
number
- pairedWallets
array
- items
array
-
- type
object
- properties
- type
- rawResponse
object
- properties
object
- size
number
- pairedWallets
array
- items
array
-
- type
object
- properties
- type
- headers
object
- statusCode
integer
Read User Wallet
Return a specified digital wallet for a user
Show details
- Properties
- Digital Wallet ID
textField
-
Identifier (UUID) of the digital wallet associated with the provisioned credential.
- User ID
textField
-
PingOne user ID
- Input Schema
- default
object
- digitalWalletId
string
required
minLength: 0
maxLength: 100
-
Digital Wallet Id
- userId
string
required
minLength: 0
maxLength: 100
-
User Id
- Output Schema
- output
object
- userDigitalWallet
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
-
- appOpen
object
- properties
object
- appOpen
- href
string
-
- qrUrl
object
- properties
object
- qrUrl
- href
string
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- digitalWalletApplication
object
- properties
object
-
- id
string
- id
- status
string
- createdAt
string
- updatedAt
string
- pairingSession
- notification
object
- properties
object
-
- methods
array
- items
array
- methods
- type
string
- results
array
- items
array
-
- type
object
- properties
- type
- rawResponse
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
-
- appOpen
object
- properties
object
- appOpen
- href
string
-
- qrUrl
object
- properties
object
- qrUrl
- href
string
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- digitalWalletApplication
object
- properties
object
-
- id
string
- id
- status
string
- createdAt
string
- updatedAt
string
- pairingSession
- notification
object
- properties
object
-
- methods
array
- items
array
- methods
- type
string
- results
array
- items
array
-
- type
object
- properties
- type
- headers
object
- statusCode
integer
Pair User Wallet to Application
Create a digital wallet and pair it to an application for a user
Show details
- Properties
- Notification Methods
dropDownMultiSelect
-
-
Email
-
SMS
-
- User ID
textField
-
PingOne user ID
- Input Schema
- default
object
-
notificationMethods
array
[.attr-uniqueitems]##[.codeph]``uniqueItems:- true``##
- items
array
- type
string
- maxLength
maxLength: 255
- userId
string
required
minLength: 0
maxLength: 100
-
User Id
- Output Schema
- output
object
- userDigitalWallet
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
-
- appOpen
object
- properties
object
- appOpen
- href
string
-
- qrUrl
object
- properties
object
- qrUrl
- href
string
- id
string
- qrCodeImage
string
- osType
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- digitalWalletApplication
object
- properties
object
-
- id
string
- id
- status
string
- createdAt
string
- updatedAt
string
- pairingSession
object
- properties
object
-
- id
string
- createdAt
string
- updatedAt
string
- environment
object
- properties
object
- id
- id
string
-
- user
object
- properties
object
- user
- id
string
-
- digitalWallet
object
- properties
object
- digitalWallet
- id
string
-
- challenge
string
- qrUrl
string
- status
string
- challenge
- notification
object
- properties
object
-
- methods
array
- items
array
- methods
- type
string
- rawResponse
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
-
- appOpen
object
- properties
object
- appOpen
- href
string
-
- qrUrl
object
- properties
object
- qrUrl
- href
string
- id
string
- qrCodeImage
string
- osType
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- digitalWalletApplication
object
- properties
object
-
- id
string
- id
- status
string
- createdAt
string
- updatedAt
string
- pairingSession
object
- properties
object
-
- id
string
- createdAt
string
- updatedAt
string
- environment
object
- properties
object
- id
- id
string
-
- user
object
- properties
object
- user
- id
string
-
- digitalWallet
object
- properties
object
- digitalWallet
- id
string
-
- challenge
string
- qrUrl
string
- status
string
- challenge
- notification
object
- properties
object
-
- methods
array
- items
array
- methods
- type
string
- headers
object
- statusCode
integer
Update User Wallet
Update the status of a digital wallet for a user
Show details
- Properties
- Status
dropDown
-
Status of the wallet
-
ACTIVE (Default)
-
DISABLED
-
- User ID
textField
-
PingOne user ID
- Digital Wallet ID
textField
-
Identifier (UUID) of the digital wallet associated with the provisioned credential.
- Input Schema
- default
object
- digitalWalletStatus
string
required
minLength: 0
maxLength: 100
-
Digital Wallet Status
- userId
string
required
minLength: 0
maxLength: 100
-
User Id
- digitalWalletId
string
required
minLength: 0
maxLength: 100
-
Digital Wallet Id
- Output Schema
- output
object
- userDigitalWallet
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- digitalWalletApplication
object
- properties
object
-
- id
string
- id
- status
string
- createdAt
string
- updatedAt
string
- notification
object
- properties
object
-
- methods
array
- items
array
- methods
- type
string
- rawResponse
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- digitalWalletApplication
object
- properties
object
-
- id
string
- id
- status
string
- createdAt
string
- updatedAt
string
- notification
object
- properties
object
-
- methods
array
- items
array
- methods
- type
string
- headers
object
- statusCode
integer
Delete User Wallet
Remove a digital wallet and all associated credentials for a user
Show details
- Properties
- Digital Wallet ID
textField
-
Identifier (UUID) of the digital wallet associated with the provisioned credential.
- User ID
textField
-
PingOne user ID
- Input Schema
- default
object
- digitalWalletId
string
required
minLength: 0
maxLength: 100
-
Digital Wallet Id
- userId
string
required
minLength: 0
maxLength: 100
-
User Id
- Output Schema
- output
object
- rawResponse
object
- headers
object
- statusCode
integer
Read Credential
Read a credential
Show details
- Properties
- Credential ID
textField
-
Identifier (UUID) of the provisioned user credential
- User ID
textField
-
PingOne user ID
- Input Schema
- default
object
- credentialId
string
required
minLength: 0
maxLength: 100
-
Credential ID
- userId
string
required
minLength: 0
maxLength: 100
-
User Id
- Output Schema
- output
object
- userCredential
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- credentialType
object
- properties
object
-
- id
string
- id
- title
string
- status
string
- createdAt
string
- updatedAt
string
- rawResponse
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- credentialType
object
- properties
object
-
- id
string
- id
- title
string
- status
string
- createdAt
string
- updatedAt
string
- headers
object
- statusCode
integer
Read All Credentials
Return all credentials for a user
Show details
- Properties
- User ID
textField
-
PingOne user ID
- Input Schema
- default
object
- userId
string
required
minLength: 0
maxLength: 100
-
User Id
- Output Schema
- output
object
- userCredentials
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
- _embedded
object
- properties
object
-
- items
array
- items
array
- items
- type
object
- properties
- size
number
- rawResponse
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
- _embedded
object
- properties
object
-
- items
array
- items
array
- items
- type
object
- properties
- size
number
- headers
object
- statusCode
integer
Revoke Credential
Revoke a user’s credential
Show details
- Properties
- Notification Methods
dropDownMultiSelect
-
-
Email
-
SMS
-
- Credential ID
textField
-
Identifier (UUID) of the provisioned user credential
- User ID
textField
-
PingOne user ID
- Input Schema
- default
object
-
notificationMethods
array
[.attr-uniqueitems]##[.codeph]``uniqueItems:- true``##
- items
array
- type
string
- maxLength
maxLength: 255
- credentialId
string
required
minLength: 0
maxLength: 100
-
Credential ID
- userId
string
required
minLength: 0
maxLength: 100
-
User Id
- Output Schema
- output
object
- userCredential
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- credentialType
object
- properties
object
-
- id
string
- id
- title
string
- status
string
- createdAt
string
- updatedAt
string
- rawResponse
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- credentialType
object
- properties
object
-
- id
string
- id
- title
string
- status
string
- createdAt
string
- updatedAt
string
- headers
object
- statusCode
integer
Issue Credential(s)
Apply credential issuance rule to staged changes
Show details
- Properties
- User ID(s)
textFieldArrayView
-
Array of one or more user IDs for which credentials should be issued
- Issuance Rule ID
textField
-
Identifier (UUID) of the credential issuance rule.
- Credential Type ID
textField
-
Identifier (UUID) associated with the credential type.
- Input Schema
- default
object
-
applyIssue
array
[.attr-uniqueitems]##[.codeph]``uniqueItems:- true``##
-
Issue
- items
array
- type
string
- maxLength
maxLength: 255
-
applyUpdate
array
[.attr-uniqueitems]##[.codeph]``uniqueItems:- true``##
-
Update
- items
array
- type
string
- maxLength
maxLength: 255
-
applyRevoke
array
[.attr-uniqueitems]##[.codeph]``uniqueItems:- true``##
-
Revoke
- items
array
- type
string
- maxLength
maxLength: 255
- issuanceRuleId
string
required
minLength: 0
maxLength: 100
-
Issuance Rule Id
- credentialTypeId
string
required
minLength: 0
maxLength: 100
-
Credential Type ID
- Output Schema
- output
object
- stagedChanges
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
- _embedded
object
- properties
object
-
- stagedChanges
array
- items
array
- stagedChanges
- type
object
- properties
- size
number
- rawResponse
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
- _embedded
object
- properties
object
-
- stagedChanges
array
- items
array
- stagedChanges
- type
object
- properties
- size
number
- headers
object
- statusCode
integer
Create Verification Session
Begin a session to verify a user’s credential
Show details
- Properties
- Message
textField
-
A message shown to the user by the compatible wallet app to alert the user
- Protocol
dropDown
-
Protocol to use for verification; can be OPENID4VP or NATIVE. Defaults to NATIVE.
-
NATIVE (Default)
-
OPENID4VP
-
- Filter by DIDs
textFieldArrayView
-
Array of unique decentralized identifiers (DIDs) to be searched for the Issuer of the presented credential (OPENID4VP only).
- Filter by PingOne Environment ID
textFieldArrayView
-
Array of PingOne environment IDs to be searched for the Issuer of the presented credential (NATIVE only).
- Credential Type
textField
-
The ID of the credential type to be verified.
- Requested Credential Keys
textFieldArrayView
-
Array of strings that identify the key names for selective disclosure to return from the credential.
- Input Schema
- default
object
- message
string
minLength: 0
maxLength: 100
-
Message
- protocol
string
required
minLength: 0
maxLength: 100
-
protocol
issuerFilterDids array
uniqueItems:
true
:::
Issue Filter Dids
- items
array
- type
string
- maxLength
maxLength: 255
-
issuerFilterEnvIds
array
[.attr-uniqueitems]##[.codeph]``uniqueItems:- true``##
-
Issue Filter Environment Ids
- items
array
- type
string
- maxLength
maxLength: 255
- reqCredType
string
required
minLength: 0
maxLength: 100
-
Requested Credential Type
requestedCredKeys array
uniqueItems:
true
:::
Requested Credential Keys
- items
array
- type
string
- maxLength
maxLength: 255
- Output Schema
- output
object
- credVerPresentationSession
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
-
- qr
object
- properties
object
- qr
- href
string
-
- appOpenUrl
object
- properties
object
- appOpenUrl
- href
string
- id
string
- qrCodeImage
string
- osType
string
- status
string
- rawResponse
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
-
- qr
object
- properties
object
- qr
- href
string
-
- appOpenUrl
object
- properties
object
- appOpenUrl
- href
string
- id
string
- qrCodeImage
string
- osType
string
- status
string
- headers
object
- statusCode
integer
Poll for Verification Status
Return the status of a verification session
Show details
- Properties
- Credential Verification ID
textField
-
Identifier (UUID) of the verification credential data
- Input Schema
- default
object
- credentialsVerificationId
string
required
minLength: 0
maxLength: 100
-
Credentials Verification ID
- Output Schema
- output
object
- credVerificationStatus
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
-
- qr
object
- properties
object
- qr
- href
string
-
- appOpenUrl
object
- properties
object
- appOpenUrl
- href
string
- id
string
- qrCodeImage
string
- osType
string
- status
string
- rawResponse
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
-
- qr
object
- properties
object
- qr
- href
string
-
- appOpenUrl
object
- properties
object
- appOpenUrl
- href
string
- id
string
- qrCodeImage
string
- osType
string
- status
string
- headers
object
- statusCode
integer
Return Verification Data
Return data from verified credential
Show details
- Properties
- Credential Verification ID
textField
-
Identifier (UUID) of the verification credential data
- Input Schema
- default
object
- credentialsVerificationId
string
required
minLength: 0
maxLength: 100
-
Credentials Verification ID
- Output Schema
- output
object
- credVerificationData
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
-
- qr
object
- properties
object
- qr
- href
string
-
- appOpenUrl
object
- properties
object
- appOpenUrl
- href
string
- id
string
- status
string
- sessionData
object
- properties
object
-
- id
string
- credentialsDataList
array
- items
array
- id
- type
object
- properties
{"type":"string"}
- rawResponse
object
- properties
object
- _links
object
- properties
object
-
- self
object
- properties
object
- self
- href
string
-
- qr
object
- properties
object
- qr
- href
string
-
- appOpenUrl
object
- properties
object
- appOpenUrl
- href
string
- id
string
- status
string
- sessionData
object
- properties
object
-
- id
string
- credentialsDataList
array
- items
array
- id
- type
object
- properties
{"type":"string"}
- headers
object
- statusCode
integer