Webhooks are a critical component in the management and distribution of verifiable credentials, providing real-time notifications and seamless integration for issuers. Here’s why webhooks enhance the credential issuance process:

  • Automatic Credential Retrieval: Upon issuance, the credential is sent directly to the issuer through the webhook payload. This eliminates the need for issuers to manually call getCredential(). This functionality is especially crucial when the issuer opts for delegated storage; without catching the webhook, the credential could be lost, as there would be no subsequent retrieval.
  • Notification of Credential Issuance Failure: Webhooks provide immediate alerts if the credential issuance process fails. This enables issuers to quickly identify and address issues, ensuring a reliable and efficient credential issuance process.
  • Secure Storage of Encryption Keys: In scenarios involving encryption via the “crossmint-recoverable” encryption type, the webhook stores the encryption key for the recipient subject. This ensures that, in case of any fallback, the key is readily available, maintaining the security and accessibility of the encrypted credentials.
  • Immediate Access to Credential Pass Links: Issuers can instantly receive a link to the wallet credential pass via the webhook. This link can then be forwarded to the subject, ensuring a swift and efficient delivery of credentials.

If you choose not to use a webhook, you can query for the credential’s status via the status API.

Setting Up a Webhook

First, you need to setup a webhook in the developer console. Once that is done either programmatically or via the Dev Console, the webhook payload received, looks as follows:

data:{
    credential: credentialObject or encryptedCredentialObjcet
    pass: wallet pass object
    secret: encryption key
}

The events you can monitor are:

  • credential:creation.succeeded Will be emitted when the credential creation process is complete. The issued credential, credential pass, and encryption key will be contained in the data.credential field, data.pass field, and data.secret field, respectively. In case of encrypted credential templates, the issued credential returned will be encrypted.

  • credential:creation.failed Will be emitted when the credential creation process fails. The error will be contained in the data.error field.

Delegated SignatureIntroduction