API Schema
The GraphQL schema for the Sudo Platform Cloud Agent admin API
#
# Data types for Connection Exchanges / Invitations
#
"""
Aries Interop Profile (AIP) Connection Exchange record data type
"""
type AIPConnectionExchange {
"The unique identifier for the connection exchange."
id: ID!
"The role of this agent in the connection exchange."
myRole: AIPConnExRole!
"The current state of the connection exchange."
state: AIPConnExState!
"The locally assigned alias for the connection."
alias: String!
"The label provided by the connection's peer."
theirLabel: String
"""
The invitation associated with the connection exchange.
If myRole=INVITER, then the invitation was created by this agent.
If myRole=INVITEE, then the invitation was received by this agent.
"""
invitation: AIPConnectionInvitation
"The datetime when the connection exchange was created, in ISO 8601 format."
createdTimestamp: String!
"The datetime when the connection exchange was last updated, in ISO 8601 format."
modifiedTimestamp: String!
}
"""
The role of an agent in an AIP connection exchange.
"""
enum AIPConnExRole {
INVITER
INVITEE
}
"""
The state of an AIP connection exchange.
"""
enum AIPConnExState {
INVITATION
REQUEST
RESPONSE
"""
Terminal state for a successful, "complete" connection exchange.
"""
DONE
"""
Terminal state for an unsuccessful connection exchange.
"""
ABANDONED
}
"""
A connection invitation either created by this agent, or received by this agent. If created by this agent,
the invitation must be shared out-of-band.
"""
type AIPConnectionInvitation {
"An ID for the connection invitation."
messageId: ID!
"""
A label provided by the inviter, to help the invitee recognize them. Note that this is not trusted data.
If the encapsulating AIPConnectionExchange object has myRole=INVITER, then label represents 'myLabel'.
If the encapsulating AIPConnectionExchange object has myRole=INVITEE, then label represents 'theirLabel'.
"""
label: String!
"The endpoint where the invitee can establish contact with the inviter."
serviceEndpoint: String!
"""
The raw invitation which contains all the details on how to contact the inviter.
This must be delivered to the invitee out-of-band.
"""
invitationUrl: String!
}
"""
Optional filters for the 'aipConnectionExchanges' query. The filters are AND'd together
"""
input AIPConnectionExchangesFilter {
"Filter connection exchanges by ID."
connExIds: [ID!]
"Filter by the alias of the connection associated with the exchange. Returns exact substring matches."
alias: String
"""
Filter by the alias of the connection associated with the exchange.
Returns all connection exchanges in order of similarity to the search value, with the best matches listed first.
"""
aliasFuzzySearch: String
"Filter by the role this agent plays in the connection exchange."
myConnExRole: AIPConnExRole
"Filter by the current state of the connection exchange."
connExStates: [AIPConnExState!]
"""
Sort the results of this query by the 'modifiedTimestamp' of the connection exchanges.
Default is 'DESCENDING' so that the latest update will appear first.
"""
sortOrder: SortOrder
}
"""
Paged result container of the 'aipConnectionExchanges' query
"""
type AIPConnectionExchangesResult {
"The result items"
items: [AIPConnectionExchange!]!
"The next page token, or null if no more pages exist"
nextToken: String
}
"""
Input for the 'createAipConnectionInvitation' mutation.
"""
input CreateAipConnectionInvitationInput {
"The locally assigned alias for the connection."
alias: String!
"""
The label to put in the created invitation, to help the invitee recognize this agent.
If not provided, the system default will be used.
"""
myLabel: String
}
"""
Input for the 'acceptAipConnectionInvitation' mutation.
"""
input AcceptAipConnectionInvitationInput {
"The raw invitation which contains all the details on how to contact the inviter."
invitationUrl: String!
"""
The locally assigned alias for the connection.
If not provided, the label inside the invitation will be used as the connection alias.
"""
alias: String
"""
The label to pass back to the inviter, to help the inviter recognize this agent.
If not provided, the system default will be used.
"""
myLabel: String
}
#
# Data types for Connections
#
"""
Connection record data type
"""
type Connection {
"Unique identifier of the connection"
id: ID!
"The locally assigned alias for the connection"
alias: String!
"The label provided by the connection's peer"
theirLabel: String!
"The datetime when this connection was created, in ISO 8601 format"
createdTimestamp: String!
"The datetime when this connection was last updated, in ISO 8601 format"
modifiedTimestamp: String!
"Basic messages associated with the connection"
basicMessages(page: Page!): BasicMessagesResult!
}
"""
Optional filters for the 'connections' query. The filters are AND'd together
"""
input ConnectionsFilter {
"Filter connections by ID."
connectionIds: [ID!]
"Filter by the alias of the connection. Returns exact substring matches."
alias: String
"""
Filter by the alias of the connection.
Returns all connections in order of similarity to the search value, with the best matches listed first.
"""
aliasFuzzySearch: String
"""
Filter connections by their basic messages count
- If true, only include connections that have >= 1 message
- If false, only include connections that have 0 messages
- If null or not supplied (default), include all connections
"""
hasBasicMessages: Boolean = null
"""
Sort the results of this query by the 'modifiedTimestamp' of the connections.
Default is 'DESCENDING' so that the latest update will appear first.
"""
sortOrder: SortOrder
}
"""
Result type of the 'connections' query
"""
type ConnectionsResult {
"The result items"
items: [Connection!]!
"The next page token, or null if no more pages exist"
nextToken: String
}
#
# Data types for Basic Messages
#
"""
Basic message record data type
"""
type BasicMessage {
"Unique ID of the message"
id: ID!
"ID of the connection this message is associated with"
connectionId: ID!
"The message content"
content: String!
"""
Aggregated time stamp of the message in ISO 8601 format.
The semantics of this timestamp relate to the message direction.
- For incoming messages this is the time the service receives the message
- For outgoing messages this is the time the service sends the message
"""
timestamp: String
"Direction of the message"
direction: BasicMessageDirection!
}
"""
Send direction of a basic message
"""
enum BasicMessageDirection {
INBOUND
OUTBOUND
}
"""
Include filter for the basic messages query
"""
input BasicMessagesFilter {
"Filter on a specific connection ID"
connectionId: ID!
}
"""
Paged result container of the 'basicMessages' query
"""
type BasicMessagesResult {
"The result items"
items: [BasicMessage!]!
"The next page token, or null if no more pages exist"
nextToken: String
}
"""
Paged result container of the 'broadcastBasicMessage' mutation
"""
type BroadcastBasicMessageResult {
"The connection IDs of all peers that the message was successfully sent to"
connectionIds: [ID!]!
}
"""
Result from the delete basic message mutation
"""
type DeleteBasicMessagesResult {
"The message IDs of all items that were deleted"
messageIds: [ID!]!
}
#
# Data types for Anoncreds Schemas
#
"""
Anoncreds Schema record data type
"""
type AnoncredsSchema {
"Unique identifier of the schema, as found on the ledger"
id: ID!
"""
The name of the schema. An endorser/issuer can only publish one schema
with this unique 'name' and 'version' combination
"""
name: String!
"""
The version of the schema, using the industry-standard 'semantic versioning' format.
An endorser/issuer can only publish one schema with this unique 'name' and 'version' combination
"""
version: String!
"""
Names of the attributes defined by this schema.
Credentials issued from this schema will be assigned a value for each of these attributes
"""
attributeNames: [String!]!
}
"""
Optional filters for the 'anoncredsSchemas' query. The filters are AND'd together
"""
input AnoncredsSchemasFilter {
"Filter schemas by ID. Must be an exact match"
schemaId: ID
"Filter schemas by name. Returns exact substring matches."
schemaName: String
"Filter schemas by version. Returns exact substring matches."
schemaVersion: String
"""
Filter schemas by name and version.
Returns all schemas in order of similarity to the search value, with the best matches listed first.
"""
schemaNameAndVersionFuzzySearch: String
}
"""
Paged result container of the 'anoncredsSchemas' query
"""
type AnoncredsSchemasResult {
"The result items"
items: [AnoncredsSchema!]!
"The next page token, or null if no more pages exist"
nextToken: String
}
"""
Input parameters for the 'createAnoncredsSchema' mutation.
"""
input CreateAnoncredsSchemaArgs {
"""
The name of the schema. An endorser/issuer can only publish one schema
with this unique 'name' and 'version' combination
"""
name: String!
"""
The version of the schema, using the industry-standard 'semantic versioning' format.
An endorser/issuer can only publish one schema with this unique 'name' and 'version' combination
"""
version: String!
"""
Names of the attributes defined by this schema.
Credentials issued from this schema will be assigned a value for each of these attributes
"""
attributeNames: [String!]!
}
#
# Data types for Anoncreds Credential Definitions (CredDefs)
#
"""
Anoncreds Credential Definition ("credDef") record data type.
A credDef associates a schema with an issuer, allowing the issuer
to create credentials from that schema.
"""
type AnoncredsCredDef {
"Unique identifier of the credDef, as found on the ledger"
id: ID!
"Unique identifier of the schema associated with this credDef"
schemaId: ID!
"""
The schema resolved by 'schemaId'.
Returns null if the schema could not be resolved on the ledger.
"""
schema: AnoncredsSchema
"""
An arbitrary string assigned to this credDef, which allows the issuer
to publish multiple credDefs using the same schema.
"""
tag: String!
"If true, then credentials created from this credDef can be revoked"
isRevocable: Boolean!
}
"""
Optional filters for the 'anoncredsCredDefs' query. The filters are AND'd together
"""
input AnoncredsCredDefsFilter {
"Filter credDefs by ID. Must be an exact match"
credDefId: ID
"Filter credDefs by schema ID. Must be an exact match"
schemaId: ID
"Filter credDefs by schema name. Returns exact substring matches."
schemaName: String
"Filter credDefs by schema version. Returns exact substring matches."
schemaVersion: String
"Filter credDefs by tag. Returns exact substring matches."
credDefTag: String
"""
Filter credDefs by tag.
Returns all credDefs in order of similarity to the search value, with the best matches listed first.
"""
credDefTagFuzzySearch: String
}
"""
Paged result container of the 'anoncredsCredDefs' query
"""
type AnoncredsCredDefsResult {
"The result items"
items: [AnoncredsCredDef!]!
"The next page token, or null if no more pages exist"
nextToken: String
}
"""
Input parameters for the 'createAnoncredsCredDef' mutation.
"""
input CreateAnoncredsCredDefArgs {
"Unique identifier of the schema associated with the credDef"
schemaId: ID!
"""
An arbitrary string assigned to the credDef, which allows the issuer
to publish multiple credDefs using the same schema.
"""
tag: String!
"If true, then credentials created from the credDef can be revoked"
isRevocable: Boolean!
}
#
# Data types for Credentials
#
union Credential = AnoncredsCredential | W3CCredential
"""
An Anoncreds Verifiable Credential held by this agent.
"""
type AnoncredsCredential {
"Unique identifier for the held Anoncreds credential."
id: ID!
"Attributes in the credential."
attributes: [AnoncredsCredAttribute!]!
"If null, the credential is not revocable."
revocationInfo: AnoncredsRevocationInfo
"The ID of the credential definition which defines the credential."
credDefId: ID!
"""
For convenience.
Resolves the credential definition referred to by 'credDefId'.
The schema for the credential can optionally be resolved within this credential definition.
Returns null if the credential definition could not be resolved on the ledger.
"""
credDef: AnoncredsCredDef
"The datetime when this credential was received, in ISO 8601 format."
issuanceTimestamp: String!
}
"Details of an attribute in an Anoncreds credential."
type AnoncredsCredAttribute {
"The name of the credential attribute."
name: String!
"The value held by the credential attribute."
value: String!
}
"Details used to revoke a revocable Anoncreds credential."
type AnoncredsRevocationInfo {
"The ID of the revocation registry where revocation status of the credential is recorded."
revRegId: ID!
"The ID for the credential in the revocation registry."
credRevId: ID!
}
"""
A W3C Verifiable Credential held by this agent.
"""
type W3CCredential {
"Unique identifier for the held W3C credential."
id: ID!
"The W3C Verifiable Credential, encoded as a stringified JSON."
credentialJson: String!
"""
A public identifier for the credential.
If null, the credential has no public identifier.
"""
publicId: ID
"The JSON-LD documents which define the contents of the credential."
contexts: [String!]!
"The JSON-LD types found in 'contexts' which define the contents of the credential."
types: [String!]!
"The DID of the issuer of the credential."
issuerId: ID!
"The datetime from which the credential is valid, in ISO 8601 format."
issuanceTimestamp: String!
"The datetime from which the credential is invalid, in ISO 8601 format."
expirationTimestamp: String
"""
Each element in this array is a stringified JSON which contains the attributes for a single credential subject.
A W3C credential may have more than one subject.
"""
subjectJsons: [String!]!
"Additional features which the credential supports."
supportedFeatures: W3CSupportedFeatures!
}
"Specifies which features are supported by a W3C credential."
type W3CSupportedFeatures {
"""
If true, then it is possible to present to a verifier a subset of the attributes found within the credential,
without revealing all the attributes.
"""
selectiveDisclosure: Boolean!
}
"""
Optional filters for the 'credentials' query. The filters are AND'd together
"""
input CredentialsFilter {
"Filter by the format of the credential."
credentialFormats: [CredentialFormat!]
"""
Sort the results of this query by the 'issuanceTimestamp' of the credential.
Default is 'DESCENDING' so that the latest received credential will appear first.
"""
sortOrder: SortOrder
}
"""
Paged result container of the 'credentials' query
"""
type CredentialsResult {
"The result items"
items: [Credential!]!
"The next page token, or null if no more pages exist"
nextToken: String
}
#
# Data types for Credential Exchanges
#
"""
Aries Interop Profile (AIP) Credential Exchange record data type
"""
type AIPCredentialExchange {
"The unique identifier for the credential exchange."
id: ID!
"The version of AIP used for the credential exchange."
aipVersion: AIPVersion!
"The role of this agent in the credential exchange."
myRole: AIPCredExRole!
"The current state of the credential exchange."
state: AIPCredExState!
"Messages which have been sent or received during the exchange."
messages: AIPCredExMessages!
"The datetime when the credential exchange was created, in ISO 8601 format."
createdTimestamp: String!
"The datetime when the credential exchange was last updated, in ISO 8601 format."
modifiedTimestamp: String!
"The ID of the connection with whom this agent is performing the exchange."
connectionId: ID!
"""
The connection resolved by 'connectionId'.
Returns null if the connection cannot be found, such as when the connection is deleted.
"""
connection: Connection
}
"""
The role of an agent in an AIP credential exchange.
"""
enum AIPCredExRole {
ISSUER
HOLDER
}
"""
The state of an AIP credential exchange.
"""
enum AIPCredExState {
PROPOSAL
OFFER
REQUEST
"""
If the credential exchange is waiting for a final 'ack', then it will wait in this
state, otherwise it may transition immediately into the 'DONE' state.
"""
ISSUED
"""
Terminal state for a successful, "complete" credential exchange. This means
that a verifiable credential has been exchanged.
"""
DONE
"Terminal state for an unsuccessful credential exchange."
ABANDONED
}
"Messages sent between the holder and issuer within a credential exchange."
type AIPCredExMessages {
"The latest 'proposal' message sent by the holder during the credential exchange."
proposal: AIPCredProposal
"The latest 'offer' message sent by the issuer during the credential exchange."
offer: AIPCredOffer
"The latest 'request' message sent by the holder during the credential exchange."
request: AIPCredRequest
"The latest 'issue' message sent by the issuer during the credential exchange."
issued: AIPCredIssued
}
"""
AIP Credential Proposal record data type.
This is a 'proposal' message within an AIP Credential Exchange.
"""
type AIPCredProposal {
"A comment associated with the message."
comment: String
"Further contents of the message, which depends on the format of the credential being proposed."
format: AIPCredProposalFormat!
}
union AIPCredProposalFormat = AnoncredsCredProposal | W3CCredNegotiation
"""
Anoncreds Credential Proposal record data type.
"""
type AnoncredsCredProposal {
"The credential should be based on the specific credential definition referenced by this ID."
credDefId: ID
"""
For convenience.
Returns the credential definition which 'credDefId' resolves to.
This will return null if 'credDefId' is not set.
"""
credDef: AnoncredsCredDef
"The credential should be based on any credential definition which is written by the issuer with this ID."
credDefIssuerId: ID
"The credential should be based on the specific schema referenced by this ID."
schemaId: ID
"""
For convenience.
Returns the schema which 'schemaId' resolves to.
This will return null if 'schemaId' is not set.
"""
schema: AnoncredsSchema
"The credential should be based on any schema which has this name."
schemaName: String
"The credential should be based on any schema which has this version."
schemaVersion: String
"The credential should be based on any schema which is written by the issuer with this ID."
schemaIssuerId: ID
"""
The set of attribute names and values the holder wants in the credential.
If empty array, then the holder may be proposing a credential with no attributes.
If null, then the holder is leaving the attribute values open-ended for the issuer to decide.
"""
attributeValues: [AnoncredsCredNegotiationAttribute!]
}
type AnoncredsCredNegotiationAttribute {
"The name of the attribute."
name: String!
"""
The value assigned to the attribute.
If 'mimeType' is set, then this value will be base64 encoded.
"""
value: String!
"The MIME type of 'value'."
mimeType: String
}
"""
The details of a W3C credential which has not yet been issued.
This data type can represent a W3C Credential Proposal, Offer or Request.
"""
type W3CCredNegotiation {
"The W3C Verifiable Credential, encoded as a stringified JSON."
credentialJson: String!
"""
A public identifier for the credential.
If null, the credential has no public identifier.
"""
publicId: ID
"The JSON-LD documents which define the contents of the credential."
contexts: [String!]!
"The JSON-LD types found in 'contexts' which define the contents of the credential."
types: [String!]!
"The DID of the issuer who will issue the credential."
issuerId: ID!
"The datetime from which the credential is to be valid, in ISO 8601 format."
issuanceTimestamp: String!
"The datetime from which the credential is to be invalid, in ISO 8601 format."
expirationTimestamp: String
"""
Each element in this array is a stringified JSON which contains the attributes for a single credential subject.
A W3C credential may have more than one subject.
"""
subjectJsons: [String!]!
"Additional features which the credential will support."
supportedFeatures: W3CSupportedFeatures!
}
"""
AIP Credential Offer record data type.
This is an 'offer' message within an AIP Credential Exchange.
"""
type AIPCredOffer {
"A comment associated with the message."
comment: String
"If not null, the replacement ID used to replace an existing credential."
replacementId: ID
"Further contents of the message, which depends on the format of the credential being offered."
format: AIPCredOfferFormat!
}
union AIPCredOfferFormat = AnoncredsCredOffer | W3CCredNegotiation
"""
Anoncreds Credential Offer record data type.
"""
type AnoncredsCredOffer {
"The credential will be based on the credential definition with this ID."
credDefId: ID!
"""
For convenience.
Returns the credential definition which 'credDefId' resolves to.
Returns null if the credential definition could not be resolved on the ledger.
"""
credDef: AnoncredsCredDef
"The credential will be based on the schema with this ID."
schemaId: ID!
"""
For convenience.
Returns the schema which 'schemaId' resolves to.
Returns null if the schema could not be resolved on the ledger.
"""
schema: AnoncredsSchema
"The credential will contain these attributes and values."
attributeValues: [AnoncredsCredNegotiationAttribute!]!
}
"""
AIP Credential Request record data type.
This is a 'request' message within an AIP Credential Exchange.
"""
type AIPCredRequest {
"A comment associated with the message."
comment: String
"Further contents of the message, which depends on the format of the credential being requested."
format: AIPCredRequestFormat!
}
union AIPCredRequestFormat = AnoncredsCredRequest | W3CCredNegotiation
"""
Anoncreds Credential Request record data type.
"""
type AnoncredsCredRequest {
"""
Ignore this property - it will always return null.
This type is intended to be an empty placeholder object.
This type can potentially be used to determine the format of the credential being requested.
"""
_: Boolean
}
"""
AIP Credential Issued record data type.
This is an 'issue' message within an AIP Credential Exchange.
"""
type AIPCredIssued {
"A comment associated with this message."
comment: String
"If not null, the replacement ID used to replace an existing credential."
replacementId: ID
"Further contents of the message, which depends on the format of the credential which is issued."
format: AIPCredIssuedFormat!
}
union AIPCredIssuedFormat =
AnoncredsCredentialIssuanceRecord
| W3CCredentialIssuanceRecord
"""
Records the details of an issued Anoncreds verifiable credential.
This credential may have been either issued by this agent or issued to this agent.
"""
type AnoncredsCredentialIssuanceRecord {
"""
If 'myRole' is 'HOLDER', then this is the internal ID of the held credential.
If 'myRole' is 'ISSUER', then this will be null because the credential is not held by this agent.
"""
credentialId: ID
"Attributes in the credential."
attributes: [AnoncredsCredAttribute!]!
"If null, the issued credential is not revocable."
revocationInfo: AnoncredsRevocationInfo
"The ID of the credential definition which defines the credential."
credDefId: ID!
"""
For convenience.
Resolves the credential definition referred to by 'credDefId'.
The schema for the credential can optionally be resolved within this credential definition.
Returns null if the credential definition could not be resolved on the ledger.
"""
credDef: AnoncredsCredDef
"The datetime when the credential was issued, in ISO 8601 format."
issuanceTimestamp: String!
}
"""
Records the details of an issued W3C Verifiable Credential.
This credential may have been either issued by this agent or issued to this agent.
"""
type W3CCredentialIssuanceRecord {
"""
If 'myRole' is 'HOLDER', then this is the internal ID of the held credential.
If 'myRole' is 'ISSUER', then this will be null because the credential is not held by this agent.
"""
credentialId: ID
"The W3C Verifiable Credential, encoded as a stringified JSON."
credentialJson: String!
"""
A public identifier for the credential.
If null, the credential has no public identifier.
"""
publicId: ID
"The JSON-LD documents which define the contents of the credential."
contexts: [String!]!
"The JSON-LD types found in 'contexts' which define the contents of the credential."
types: [String!]!
"The DID of the issuer of the credential."
issuerId: ID!
"The datetime from which the credential is valid, in ISO 8601 format."
issuanceTimestamp: String!
"The datetime from which the credential is invalid, in ISO 8601 format."
expirationTimestamp: String
"""
Each element in this array is a stringified JSON which contains the attributes for a single credential subject.
A W3C credential may have more than one subject.
"""
subjectJsons: [String!]!
"Additional features which the credential supports."
supportedFeatures: W3CSupportedFeatures!
}
"""
Optional filters for the 'aipCredentialExchanges' query. The filters are AND'd together
"""
input AIPCredentialExchangesFilter {
"Filter by the AIP version of the credential exchange protocol."
aipVersions: [AIPVersion!]
"Filter by the role this agent plays in the credential exchange."
myCredExRole: AIPCredExRole
"Filter by the current state of the credential exchange."
credExStates: [AIPCredExState!]
"Filter by the ID of the connection associated with the credential exchange. Must be an exact match."
connectionIds: [ID!]
"Filter by the format of the credential being exchanged."
credentialFormats: [CredentialFormat!]
"""
Filter by the ID of the credential which the credential exchange resulted in. Must be an exact match.
Only credential exchanges where myRole=HOLDER and state=DONE will be associated with a stored credential ID.
"""
storedCredentialIds: [ID!]
"""
Sort the results of this query by the 'modifiedTimestamp' of the credential exchanges.
Default is 'DESCENDING' so that the latest update will appear first.
"""
sortOrder: SortOrder
}
"""
Paged result container of the 'aipCredentialExchanges' query
"""
type AIPCredentialExchangesResult {
"The result items"
items: [AIPCredentialExchange!]!
"The next page token, or null if no more pages exist"
nextToken: String
}
"""
Input parameters for the 'sendAipCredentialOffer' mutation.
"""
input AIPCredOfferInput {
"A comment associated with the offer."
comment: String
"Parameters specific to the format of the credential being offered."
format: AIPCredOfferFormatInput!
"""
If true, then the 'acceptAipCredentialRequest' mutation will be executed automatically
if the receiver of the credential offer accepts the offer.
If null, defaults to false.
"""
autoAcceptRequest: Boolean
}
"""
A value must be provided for either the 'anoncreds' param or the 'w3c' param, but not both.
"""
input AIPCredOfferFormatInput {
"Parameters available when offering an Anoncreds Verifiable Credential."
anoncreds: AnoncredsCredOfferInput
"Parameters available when offering a W3C Verifiable Credential."
w3c: W3CCredOfferInput
}
"""
Parameters for sending an offer of an Anoncreds Verifiable Credential.
"""
input AnoncredsCredOfferInput {
"The ID of the AnoncredsCredDef to use as a base for the issued credential."
credDefId: ID!
"The attributes to place in the issued credential."
attributeValues: [AnoncredsCredNegotiationAttributeInput!]!
}
input AnoncredsCredNegotiationAttributeInput {
"Name of the attribute."
name: String!
"Value of the attribute."
value: String!
"Optional MIME type of the attribute."
mimeType: String
}
"""
Parameters for sending an offer of a W3C Verifiable Credential.
"""
input W3CCredOfferInput {
"The W3C Verifiable Credential, encoded as a stringified JSON."
credentialJson: String!
"""
Set to true if the issued credential should support selective disclosure presentation features.
This affects the cryptographic signature used to sign the issued credential.
If null, defaults to false.
"""
supportSelectiveDisclosure: Boolean
}
"""
Input parameters for the 'acceptAipCredentialOffer' mutation.
"""
input AcceptAipCredOfferInput {
"Parameters specific to the format of the credential in the offer."
format: AcceptAipCredOfferFormatInput
}
"""
If an Anoncreds Verifiable Credential is offered, then omit the 'w3c' param.
"""
input AcceptAipCredOfferFormatInput {
"Parameters available when accepting an offer for a W3C Verifiable Credential."
w3c: AcceptW3CCredOfferInput
}
"""
Parameters for accepting an offer for a W3C Verifiable Credential.
"""
input AcceptW3CCredOfferInput {
"""
Optionally inject a subject DID in the offered credential. Doing so will associate the credential with the subject.
Usually, the subject DID is expected to reference this agent (when acting as the HOLDER).
"""
subjectId: String
}
"""
Input parameters for the 'acceptAipCredentialRequest' mutation.
"""
input AcceptAipCredRequestInput {
"A comment associated with the request."
comment: String
}
#
# Data types for Proof Exchanges
#
"""
Aries Interop Profile (AIP) Proof Exchange record data type
"""
type AIPProofExchange {
"The unique identifier for the proof exchange."
id: ID!
"The version of AIP used for the proof exchange."
aipVersion: AIPVersion!
"The role of this agent in the proof exchange."
myRole: AIPProofExRole!
"The current state of the proof exchange."
state: AIPProofExState!
"Messages which have been sent or received during the exchange."
messages: AIPProofExMessages!
"The datetime when the proof exchange was created, in ISO 8601 format."
createdTimestamp: String!
"The datetime when the proof exchange was last updated, in ISO 8601 format."
modifiedTimestamp: String!
"The ID of the connection with whom this agent is performing the exchange."
connectionId: ID!
"""
The connection resolved by 'connectionId'.
Returns null if the connection cannot be found, such as when the connection is deleted.
"""
connection: Connection
}
"""
The role of an agent in an AIP proof exchange.
"""
enum AIPProofExRole {
VERIFIER
PROVER
}
"""
The state of an AIP proof exchange.
"""
enum AIPProofExState {
PROPOSAL
REQUEST
"""
If the exchange is waiting for a final 'ack', then it will wait in this
state, otherwise it may transition immediately into the 'DONE' state.
"""
PRESENTED
"""
Terminal state for a successful, "complete" proof exchange. This means that
a verifiable proof presentation has been exchanged.
If the exchange is in this state and 'myRole' is 'VERIFIER',
then the received proof presentation has undergone verification.
Note that this state does not indicate the result of the verification.
To check the verification result, see 'verificationResult' on the attached
AIPProofPresentation.
"""
DONE
"""
Terminal state for an unsuccessful proof exchange.
"""
ABANDONED
}
"Messages sent between the prover and verifier within a proof exchange."
type AIPProofExMessages {
"The latest 'proposal' message sent by the prover during the proof exchange."
proposal: AIPProofProposal
"The latest 'request' message sent by the verifier during the proof exchange."
request: AIPProofRequest
"The latest 'presentation' message sent by the prover during the proof exchange."
presentation: AIPProofPresentation
}
"""
AIP Proof Proposal record data type.
This is a 'proposal' message within an AIP Proof Exchange.
"""
type AIPProofProposal {
"A comment associated with the message."
comment: String
"Further contents of the message, which depends on the format of the credential being proposed for presentation."
format: AIPProofProposalFormat!
}
union AIPProofProposalFormat = AnoncredsProofProposal | W3CProofNegotiation
"""
Anoncreds Proof Proposal record data type.
"""
type AnoncredsProofProposal {
"""
A single proof presentation may involve the presentation of data from multiple verifiable credentials.
Each attribute group requires presentation of data from exactly one verifiable credential, where the attributes
in the group appear on that verifiable credential.
This 'attributeGroups' property defines attribute groups which are proposed for presentation.
"""
attributeGroups: [AnoncredsProofNegotiationAttributeGroup!]!
}
"""
Details of an attribute group within an Anoncreds proof proposal/request.
"""
type AnoncredsProofNegotiationAttributeGroup {
"A non-unique identifier for the attribute group."
referent: String!
"The names of attributes within the group."
attributeNames: [String!]!
"""
Restrictions placed on the data and proof which is allowed to be presented for the attribute group.
If empty, the prover may present self-attested attributes.
The array elements are OR'd together. The restrictions within each element are AND'd together.
"""
restrictions: [AnoncredsProofNegotiationAttributeGroupRestrictions!]!
}
"""
Restrictions placed on the data and proof which is allowed to be presented for an attribute group.
These restrictions are AND'd together.
"""
type AnoncredsProofNegotiationAttributeGroupRestrictions {
"""
If not null, the requested attributes must be sourced from a credential
which is based on the Anoncreds schema with this exact ID.
"""
schemaId: ID
"""
For convenience.
Returns the schema which 'schemaId' resolves to.
This will always return null if 'schemaId' is null.
"""
schema: AnoncredsSchema
"""
If not null, the requested attributes must be sourced from a credential
which is based on an Anoncreds schema written to the ledger by this ID.
"""
schemaIssuerId: ID
"""
If not null, the requested attributes must be sourced from a credential
which is based on an Anoncreds schema with this name.
"""
schemaName: String
"""
If not null, the requested attributes must be sourced from a credential
which is based on an Anoncreds schema with this version number.
"""
schemaVersion: String
"""
If not null, the requested attributes must be sourced from a credential
which is based on the Anoncreds credential definition with this exact ID.
"""
credDefId: ID
"""
For convenience.
Returns the credential definition which 'credDefId' resolves to.
This will always return null if 'credDefId' is null.
"""
credDef: AnoncredsCredDef
"""
If not null, the requested attributes must be sourced from a credential
which was issued by this ID.
"""
issuerId: ID
"""
If not empty, the requested attributes must be sourced from a credential
which also holds these attributes.
"""
attributeNames: [String!]!
"""
If not empty, the requested attributes must be sourced from a credential
which also holds these attributes, with respective values.
"""
attributeValues: [AnoncredsAttributeValueRestriction!]!
"""
If not null, the requested attributes must be sourced from a credential
which is/was not revoked within this time interval.
"""
nonRevoked: AnoncredsNonRevokedInterval
"""
If not null, the requested attributes must have values which satisfy
this predicate.
"""
predicate: AnoncredsPredicate
}
"""
A value restriction placed on an attribute.
"""
type AnoncredsAttributeValueRestriction {
"Name of the attribute."
name: String!
"Required value of the attribute."
value: String!
"If not null, this is the MIME type of 'value'."
mimeType: String
}
"""
A restriction which specifies a time interval when a credential used to present attributes must not be revoked.
"""
type AnoncredsNonRevokedInterval {
"If not null, the datetime from which the credential must be valid, in ISO 8601 format."
from: String
"If not null, the datetime to which the credential must be valid, in ISO 8601 format."
to: String
}
"""
A restriction on the range of possible values for an attribute.
"""
type AnoncredsPredicate {
"The type of value range."
operator: AnoncredsPredicateOperator!
"The limit of the value range, working in tandem with the 'operator'."
threshold: Int!
}
"""
Predicate operators.
"""
enum AnoncredsPredicateOperator {
LESS_THAN
LESS_THAN_OR_EQUAL
GREATER_THAN_OR_EQUAL
GREATER_THAN
}
"""
W3C Proof Proposal and W3C Proof Request record data type.
"""
type W3CProofNegotiation {
"A human-friendly name for the proof proposal/request."
name: String
"A human-friendly description of the purpose for the proof proposal/request."
purpose: String
"""
A single proof presentation may involve the presentation of data from multiple verifiable credentials.
Each attribute group requires presentation of data from exactly one verifiable credential, where the attributes
in the group appear on that verifiable credential.
This 'attributeGroups' property defines attribute groups which are proposed/requested for presentation.
"""
attributeGroups: [W3CProofNegotiationAttributeGroup!]!
"""
Each element in this array is a stringified JSON of submission requirements,
with each JSON structured according to the DIF spec:
https://identity.foundation/presentation-exchange/spec/v1.0.0/#submission-requirements
"""
submissionRequirementJsons: [String!]
}
"""
Details of an attribute group within a W3C proof proposal/request.
"""
type W3CProofNegotiationAttributeGroup {
"A unique identifier for the attribute group."
referent: String!
"""
For backward compatibility.
Restricts the @context and type of a W3CCredential.
Equivalent to the 'attributes' property containing two W3CProofNegotiationAttributes
where 'attributePaths' is set to ["$.@context"] and ["$.type"] respectively,
with 'valueRestrictions' set appropriately for each.
"""
schemaUris: [String!]
"A list of attributes within the group, with restrictions applied to each attribute."
attributes: [W3CProofNegotiationAttribute!]!
}
"""
An attribute in a proof proposal/request, with restrictions applied to it.
"""
type W3CProofNegotiationAttribute {
"""
JSONPath paths which could possibly locate the attribute within the JSON-encoded W3C credential subject.
Only one path needs to match.
"""
attributePaths: [String!]!
"A human-friendly description of the purpose for proposing/requesting this attribute."
purpose: String
"Restrictions on the possible values allowed to be presented for this attribute."
valueRestrictions: W3CProofNegotiationValueRestrictions!
"If true, then the holder of the source credential must also be the subject of the source credential."
isHolderSubject: Boolean!
"""
If 'RAW_VALUE', then the verifier requires the prover to present the raw value of the attribute.
If 'PREDICATE', then the verifier requires the prover to present a predicate (boolean value)
instead of the raw value of the attribute.
If 'PREDICATE_OR_RAW_VALUE', then the verifier will accept either a predicate (boolean value)
or the raw value of the attribute, but a predicate is preferred.
"""
presentationType: W3CProofNegotiationPresentationType!
}
"""
Types of W3C attribute value presentations.
A presentation may contain the raw value of an attribute, or a predicate (boolean value) ZKP.
"""
enum W3CProofNegotiationPresentationType {
RAW_VALUE
PREDICATE
PREDICATE_OR_RAW_VALUE
}
"""
The data format for the inputs to the value restrictions
Built to conform to https://json-schema.org/understanding-json-schema/reference
"""
enum W3CValueRestrictionDataFormat {
TEXT
NUMBER
DATE
}
"""
Restrictions on the possible values which are allowed to be presented for an attribute.
"""
type W3CProofNegotiationValueRestrictions {
"If not null, the attribute value is required to be in this data format."
dataFormat: W3CValueRestrictionDataFormat
"If not null, the attribute value is required to match this regex pattern."
pattern: String
"""
If not null, then the attribute value is required to appear in this set.
If empty array, then the proof presentation will never be valid.
"""
inSet: [String!]
"If not null, then the attribute value is required to NOT appear in this set."
notInSet: [String!]
"If not null, the attribute value is required to match this exact value."
equal: String
"If not null, the attribute value is required to NOT match this exact value."
notEqual: String
"If not null, the attribute value is required to be a string of length greater than or equal to this length."
minLength: Int
"If not null, the attribute value is required to be a string of length less than or equal to this length."
maxLength: Int
"If not null, the attribute value is required to be less than this value, corresponding to the dataFormat provided."
lessThan: String
"If not null, the attribute value is required to be less than or equal to this value, corresponding to the dataFormat provided."
lessThanOrEqual: String
"If not null, the attribute value is required to be greater than this value, corresponding to the dataFormat provided."
greaterThan: String
"If not null, the attribute value is required to be greater than or equal to this value, corresponding to the dataFormat provided."
greaterThanOrEqual: String
}
"""
AIP Proof Request record data type.
This is a 'request' message within an AIP Proof Exchange.
"""
type AIPProofRequest {
"A comment associated with the message."
comment: String
"Further contents of the message, which depends on the format of the credential being requested for presentation."
format: AIPProofRequestFormat!
}
union AIPProofRequestFormat = AnoncredsProofRequest | W3CProofNegotiation
"""
Anoncreds Proof Request record data type.
"""
type AnoncredsProofRequest {
"A human-friendly name for the proof request."
name: String
"Version of the proof request."
version: String
"""
A single proof presentation may involve the presentation of data from multiple verifiable credentials.
Each attribute group requires presentation of data from exactly one verifiable credential, where the attributes
in the group appear on that verifiable credential.
This 'attributeGroups' property defines attribute groups which are requested for presentation.
"""
attributeGroups: [AnoncredsProofNegotiationAttributeGroup!]!
}
"""
AIP Proof Presentation record data type.
This is a 'presentation' message within an AIP Proof Exchange.
"""
type AIPProofPresentation {
"A comment associated with the message."
comment: String
"Further contents of the message, which depends on the format of the credential being presented."
format: AIPProofPresentationFormat!
"""
If the role on the associated proof exchange is 'Prover', then this will always be null.
If the role on the associated proof exchange is 'Verifier', then;
If null, the proof hasn't been verified yet.
If true, the proof passed verification - this presentation is digitally trusted.
If false, the proof failed verification - this presentation is not digitally trusted.
"""
verificationResult: Boolean
}
union AIPProofPresentationFormat =
AnoncredsProofPresentation
| W3CProofPresentation
"""
Anoncreds Proof Presentation record data type.
"""
type AnoncredsProofPresentation {
"The raw values presented in response to a proof request."
revealedAttributeGroups: [AnoncredsRevealedAttributeGroup!]!
"Referents of the attribute groups for which proof was presented, without raw values."
unrevealedAttributeGroupReferents: [String!]!
"The self-attested values presented in response to a proof request."
selfAttestedAttributes: [AnoncredsSelfAttestedAttribute!]!
"Referents of the attribute groups for which a predicate was presented."
presentedPredicateReferents: [String!]!
}
"""
The values presented for an attribute group in a proof request.
"""
type AnoncredsRevealedAttributeGroup {
"The referent of the attribute group."
referent: String!
"The attributes in the group, with presented values."
attributes: [AnoncredsRevealedAttribute!]!
}
"""
An attribute's raw value presented in response to a proof request.
"""
type AnoncredsRevealedAttribute {
"The name of the attribute."
name: String!
"The value presented for the attribute."
value: String!
}
"""
A self-attested value presented for an attribute in a proof request.
"""
type AnoncredsSelfAttestedAttribute {
"The referent of the single-element attribute group."
referent: String!
"The value presented for the attribute."
value: String!
}
"""
W3C Proof Presentation record data type.
"""
type W3CProofPresentation {
"W3C credentials which are presented to satisfy the proof request."
presentedCredentials: [W3CPresentedCredential!]!
}
"""
A W3C credential presented in response to an attribute group within a proof request.
"""
type W3CPresentedCredential {
"The referent of the attribute group."
referent: String!
"""
The credential presented for the attribute group.
Note that this credential may or may not be derived from another credential.
"""
credential: W3CCredentialPresentation!
}
"""
A presentation of a W3C credential.
Note that this credential may or may not be derived from another W3C credential.
"""
type W3CCredentialPresentation {
"The W3C Verifiable Credential, encoded as a stringified JSON."
credentialJson: String!
"""
A public identifier for the credential.
If null, the credential has no public identifier.
"""
publicId: ID
"The JSON-LD documents which define the contents of the credential."
contexts: [String!]!
"The JSON-LD types found in 'contexts' which define the contents of the credential."
types: [String!]!
"The DID of the issuer of the credential."
issuerId: ID!
"The datetime from which the credential is valid, in ISO 8601 format."
issuanceTimestamp: String!
"The datetime from which the credential is invalid, in ISO 8601 format."
expirationTimestamp: String
"""
Each element in this array is a stringified JSON which contains the attributes for a single credential subject.
A W3C credential may have more than one subject.
"""
subjectJsons: [String!]!
}
"""
Optional filters for the 'aipProofExchanges' query. The filters are AND'd together
"""
input AIPProofExchangesFilter {
"Filter by the AIP version of the proof exchange protocol."
aipVersions: [AIPVersion!]
"Filter by the role this agent plays in the proof exchange."
myProofExRole: AIPProofExRole
"Filter by the current state of the proof exchange."
proofExStates: [AIPProofExState!]
"Filter by the ID of the connection associated with the proof exchange. Must be an exact match."
connectionIds: [ID!]
"Filter by the format of the credential being presented in the exchange."
credentialFormats: [CredentialFormat!]
"""
Filter by the result of the verification of a received proof presentation. Must be an exact match.
Only proof exchanges where myRole=VERIFIER and state=DONE will have a value set for 'verificationResult'.
"""
verificationResult: Boolean
"""
Sort the results of this query by the 'modifiedTimestamp' of the proof exchanges.
Default is 'DESCENDING' so that the latest update will appear first.
"""
sortOrder: SortOrder
}
"""
Input parameters for the 'sendAipProofRequest' mutation.
"""
input AIPProofRequestInput {
"A comment associated with the request."
comment: String
"Parameters specific to the format of the credential presentation being requested."
format: AIPProofRequestFormatInput!
}
"""
A value must be provided for either the 'anoncreds' param or the 'w3c' param, but not both.
"""
input AIPProofRequestFormatInput {
"Parameters available when requesting an Anoncreds Verifiable Presentation."
anoncreds: AnoncredsProofRequestInput
"Parameters available when requesting a W3C Verifiable Presentation."
w3c: W3CProofNegotiationInput
}
"""
Parameters for sending a request for an Anoncreds Verifiable Presentation.
"""
input AnoncredsProofRequestInput {
"Name of the proof request."
name: String!
"Version of the proof request."
version: String!
"Attributes for which the raw value is expected to be presented."
requestedAttributes: [AnoncredsProofNegotiationAttributesInput!]!
"Attributes for which a derived value is expected to be presented."
requestedPredicates: [AnoncredsProofNegotiationPredicateInput!]!
}
input AnoncredsProofNegotiationAttributesInput {
"An identifier for this group of attributes and restrictions."
referent: String!
"Names of all the attributes grouped under this referent."
attributeNames: [String!]!
"""
If not null, the presented attributes must be sourced from a credential
which is not revoked before this timestamp, inclusive, in ISO 8601 format.
"""
nonRevokedToTimestamp: String
"""
Restrictions which apply to every attribute under this referent.
The array elements are OR'd together. The restrictions within each element are AND'd together.
"""
restrictions: [AnoncredsProofNegotiationRestrictionsInput!]!
}
input AnoncredsProofNegotiationPredicateInput {
"An identifier for this attribute, predicate and restrictions."
referent: String!
"The name of the attribute to which the predicate and restrictions apply."
attributeName: String!
"The operator which determines the range of allowed values for this attribute."
predicateOperator: AnoncredsPredicateOperator!
"The limit on the range of values expressed by 'predicateOperator'."
predicateThreshold: Int!
"""
If not null, the presented attributes must be sourced from a credential
which is not revoked before this timestamp, inclusive, in ISO 8601 format.
"""
nonRevokedToTimestamp: String
"""
Additional restrictions which apply to this attribute.
The array elements are OR'd together. The restrictions within each element are AND'd together.
"""
restrictions: [AnoncredsProofNegotiationRestrictionsInput!]!
}
"These restrictions are AND'd together."
input AnoncredsProofNegotiationRestrictionsInput {
"""
If not null, the presented attributes must be sourced from a credential
which is based on the Anoncreds schema with this exact ID.
"""
schemaId: ID
"""
If not null, the presented attributes must be sourced from a credential
which is based on an Anoncreds schema written to the ledger by this ID.
"""
schemaIssuerId: ID
"""
If not null, the presented attributes must be sourced from a credential
which is based on an Anoncreds schema with this name.
"""
schemaName: String
"""
If not null, the presented attributes must be sourced from a credential
which is based on an Anoncreds schema with this version number.
"""
schemaVersion: String
"""
If not null, the presented attributes must be sourced from a credential
which is based on the Anoncreds credential definition with this exact ID.
"""
credDefId: ID
"""
If not null, the presented attributes must be sourced from a credential
which was issued by this ID.
"""
issuerId: ID
"""
If not empty, the presented attributes must be sourced from a credential
which also holds these attributes, with respective values.
"""
peerAttributeValues: [AnoncredsAttributeValueRestrictionInput!]
}
input AnoncredsAttributeValueRestrictionInput {
"Name of the attribute."
name: String!
"Required value of the attribute."
value: String!
}
"""
Parameters for sending a proposal/request for a W3C Verifiable Presentation.
"""
input W3CProofNegotiationInput {
"A human-friendly name for the proof proposal/request."
name: String
"A human-friendly description of the purpose for the proof proposal/request."
purpose: String
"""
A single proof presentation may involve the presentation of data from multiple verifiable credentials.
Each attribute group requires presentation of data from exactly one verifiable credential, where the attributes
in the group appear on that verifiable credential.
These attribute groups are also known as input descriptors.
"""
attributeGroups: [W3CProofNegotiationAttributeGroupInput!]!
"""
Each element in this array is a stringified JSON of submission requirements,
with each JSON structured according to the DIF spec:
https://identity.foundation/presentation-exchange/spec/v1.0.0/#submission-requirements
"""
submissionRequirementJsons: [String!]
}
input W3CProofNegotiationAttributeGroupInput {
"A unique identifier for the attribute group."
referent: String!
"""
For backward compatibility.
Restricts the @context and type of a W3CCredential.
Equivalent to the 'attributes' property containing two W3CProofNegotiationAttributeInputs
where 'attributePaths' is set to ["$.@context"] and ["$.type"] respectively,
with 'restrictions' set appropriately for each.
"""
schemaUris: [String!]
"A list of attributes within the group, with restrictions applied to each attribute."
attributes: [W3CProofNegotiationAttributeInput!]!
}
input W3CProofNegotiationAttributeInput {
"""
JSONPath paths which could possibly locate the attribute within the JSON-encoded W3C credential subject.
Only one path needs to match.
"""
attributePaths: [String!]!
"A human-friendly description of the purpose for proposing/requesting this attribute."
purpose: String
"Restrictions on the possible values allowed to be presented for this attribute."
restrictions: W3CProofNegotiationRestrictionsInput!
"If true, then the holder of the source credential must also be the subject of the source credential."
isHolderSubject: Boolean!
"""
If 'RAW_VALUE', then the prover is required to present the raw value of the attribute.
If 'PREDICATE', then the prover is required to present a predicate (boolean value)
instead of the raw value of the attribute.
If 'PREDICATE_OR_RAW_VALUE', then the prover may present either a predicate (boolean value)
or the raw value of the attribute, but a predicate is preferred.
"""
presentationType: W3CProofNegotiationPresentationType!
}
"""
Restrictions on the value which may be presented for an attribute.
"""
input W3CProofNegotiationRestrictionsInput {
"If not null, the attribute value is required to be in this data format. Default is 'TEXT'."
dataFormat: W3CValueRestrictionDataFormat
"If not null, the attribute value is required to match this regex pattern."
pattern: String
"If not null, then the attribute value is required to appear in this set."
inSet: [String!]
"If not null, then the attribute value is required to NOT appear in this set."
notInSet: [String!]
"If not null, the attribute value is required to match this exact value."
equal: String
"If not null, the attribute value is required to NOT match this exact value."
notEqual: String
"If not null, the attribute value is required to be a string of length greater than or equal to this length."
minLength: Int
"If not null, the attribute value is required to be a string of length less than or equal to this length."
maxLength: Int
"If not null, the attribute value is required to be less than this value, corresponding to the dataFormat provided."
lessThan: String
"If not null, the attribute value is required to be less than or equal to this value, corresponding to the dataFormat provided."
lessThanOrEqual: String
"If not null, the attribute value is required to be greater than this value, corresponding to the dataFormat provided."
greaterThan: String
"If not null, the attribute value is required to be greater than or equal to this value, corresponding to the dataFormat provided."
greaterThanOrEqual: String
}
"""
Input parameters for the 'acceptAipProofRequest' mutation.
"""
input AIPProofPresentationInput {
"Parameters specific to the format of the credential presentation being sent."
format: AIPProofPresentationFormatInput!
}
"""
A value must be provided for either the 'anoncreds' param or the 'w3c' param, but not both.
"""
input AIPProofPresentationFormatInput {
"Parameters available when sending an Anoncreds Verifiable Presentation."
anoncreds: AnoncredsProofPresentationInput
"Parameters available when sending a W3C Verifiable Presentation."
w3c: W3CProofPresentationInput
}
input AnoncredsProofPresentationInput {
"""
Present proof of ownership, with raw values, from these credentials
in response to these proof request attribute group referents.
"""
revealedAttributeGroups: [AnoncredsPresentedCredentialInput!]!
"""
Present proof of ownership, but not the raw values, from these credentials
in response to these proof request attribute group referents.
"""
unrevealedAttributeGroups: [AnoncredsPresentedCredentialInput!]!
"""
Present self-attested raw values in response to these proof request attribute referents.
"""
selfAttestedAttributes: [AnoncredsSelfAttestedAttributeInput!]!
"""
Present proof of ownership, with ZKP values which are derived from the raw values,
from these credentials in response to these proof request attribute referents.
"""
presentedPredicates: [AnoncredsPresentedCredentialInput!]!
}
input AnoncredsPresentedCredentialInput {
"Referent of an attribute group in the proof request."
referent: String!
"The held credential to generate a presentation from in response to this referent."
credentialId: ID!
}
input AnoncredsSelfAttestedAttributeInput {
"Referent of an attribute in the proof request."
referent: String!
"The value to present in response to this referent."
value: String!
}
input W3CProofPresentationInput {
"Present these W3C Verifiable Credentials in response to these proof request referents."
presentedCredentials: [W3CPresentedCredentialInput!]!
}
input W3CPresentedCredentialInput {
"Referent of an attribute group (a.k.a. ID of an input descriptor) in the proof request."
referent: String!
"The held W3C Verifiable Credential to generate a presentation from in response to this referent."
credentialId: ID!
}
"""
Paged result container of the 'aipProofExchanges' query
"""
type AIPProofExchangesResult {
"The result items"
items: [AIPProofExchange!]!
"The next page token, or null if no more pages exist"
nextToken: String
}
"""
Result container of the 'credentialsForAipProofExchange' query
"""
type CredentialsForAIPProofExchangeResult {
credentialsForReferents: [CredentialsForReferent!]!
}
type CredentialsForReferent {
"""
The referent to a subsection in the proof request for which an individual credential can be presented.
If null, then this object does not map its 'credentialIds' to any particular referent.
"""
referent: String
"The IDs of held credentials which are valid for presentation to the referent."
credentialIds: [ID!]!
}
#
# Data types for Audit Logs
#
"""
AuditLog record data type.
"""
type AuditLog {
"An identifier for the audit log"
requestId: ID!
"The identifier of the user which performed the request"
userId: ID!
"The type for the user ID; whether the user was authorized via Bearer Token or API Key"
userIdType: AuditLogUserIdType!
"The time the audit log was stored in ISO 8601 format"
timestamp: String!
"The operation which was logged by the service"
operationId: String!
"The arguments provided by the user for the operation"
operationArgs: String!
"The resulting data from the user performed operation"
operationResultData: String
"The category of the audit log operation"
operationCategory: AuditLogOperationCategory!
"Whether the operation was successful or not"
isSuccess: Boolean!
"The user agent which was supplied with the operation request"
userAgent: String
"The HTTP status result of the operation executed"
httpStatus: Int
"The HTTP method of the operation request"
httpMethod: String
}
"""
Type for the user authorization which gives context to the user ID
"""
enum AuditLogUserIdType {
"The logged userId is the ID of the API Key"
API_KEY_ID
"The logged userId is the ID of the Admin User via Bearer Token"
ADMIN_USER_ID
"The logged userId is the a SHA256 hash of the API Key"
API_KEY_SHA256
"No user ID was logged, the service was accessed without authorization"
NO_AUTH
}
"""
Categorization of an audit log operation
"""
enum AuditLogOperationCategory {
"The logged operation was performed via the /graphql API endpoint"
GRAPHQL
"The logged operation was performed via the /acapy API endpoint"
ACAPY
}
"""
Optional filters for the 'auditLogs' query. The filters are AND'd together
"""
input AuditLogFilter {
"Filter audit logs by request IDs"
requestIds: [String!]
"Filter audit logs by user IDs"
userIds: [String!]
"Filter audit logs by user ID types"
userIdTypes: [AuditLogUserIdType!]
"Filter audit logs by operation IDs"
operationIds: [String!]
"Filter audit logs by operation category"
operationCategories: [AuditLogOperationCategory!]
"Filter audit logs by success status"
isSuccess: Boolean
"""
Filter audit logs by start time in ISO 8601 format.
Returned results will be equal to or older than the date provided
"""
startTimestamp: String
"""
Filter audit logs by end time in ISO 8601 format.
Returned results will be equal to or newer than the date provided
"""
endTimestamp: String
"Returns the results in chronological or reverse chronological order"
sortOrder: SortOrder
}
"""
Paged result container of the 'AuditLogResult' query
"""
type AuditLogResult {
"The result items"
items: [AuditLog]!
"The next page token, or null if no more pages exist"
nextToken: String
}
#
# Other data types
#
"""
Aries Interop Profile (AIP) version
"""
enum AIPVersion {
V1
V2
}
"""
Credential format
"""
enum CredentialFormat {
ANONCREDS
W3C
}
"""
Page information for queries that support pagination
"""
input Page {
"The maximum number of items to return in the page"
limit: Int = null
"The token of the next page"
nextToken: String = null
}
"""
Used to specify the order of result items returned by some queries.
"""
enum SortOrder {
"""
Increasing order, arranges items from the lowest value to the highest value.
For datetime values this is oldest to newest.
"""
ASCENDING
"""
Decreasing order, arranges items from the highest value to the lowest value.
For datetime values this is newest to oldest.
"""
DESCENDING
}
#
# Queries
#
type Query {
"""
Gets information about a connection exchange.
Returns the AIPConnectionExchange record if the connection exchange with the supplied ID exists.
"""
aipConnectionExchange(
"The ID of the connection exchange to retrieve."
connExId: ID!
): AIPConnectionExchange
"""
Gets a page of connection exchange records.
Returns an AIPConnectionExchangesResult object with the connection exchanges that match the supplied input filters.
"""
aipConnectionExchanges(
"Page filter for the query"
page: Page!
"Data filter for the query"
filter: AIPConnectionExchangesFilter = null
): AIPConnectionExchangesResult!
"""
Gets information about a connection.
Returns the Connection record if the connection with the supplied ID exists.
"""
connection(
"The ID of the connection to retrieve"
connectionId: ID!
): Connection
"""
Gets a page of connections records.
Returns a ConnectionsResult object with the connections that match the supplied input filters.
"""
connections(
"Page filter for the query"
page: Page!
"Data filter for the query"
filter: ConnectionsFilter = null
): ConnectionsResult!
"""
Gets a page of basic message records.
Returns a BasicMessagesResult object with the basic messages that match the supplied input filters.
"""
basicMessages(
"Page filter for the query"
page: Page!
"Data filter for the query"
filter: BasicMessagesFilter!
): BasicMessagesResult!
"""
Gets information about an Anoncreds Schema.
Returns an AnoncredsSchema if the schema with the supplied ID exists.
"""
anoncredsSchema(
"The ID of the schema to retrieve"
schemaId: ID!
): AnoncredsSchema
"""
Gets a page of Anoncreds Schema records.
Returns an AnoncredsSchemasResult object containing the schemas known to this agent that match the supplied input filters.
"""
anoncredsSchemas(
"Page filter for the query. The page limit defaults to 100"
page: Page!
"Optional data filters for the query"
filter: AnoncredsSchemasFilter
): AnoncredsSchemasResult!
"""
Gets information about an Anoncreds Credential Definition.
Returns an AnoncredsCredDef if the credDef with the supplied ID exists.
"""
anoncredsCredDef(
"The ID of the credDef to retrieve"
credDefId: ID!
): AnoncredsCredDef
"""
Gets a page of Anoncreds Credential Definition records.
Returns an AnoncredsCredDefsResult object containing the credDefs known to this agent that match the supplied input filters.
"""
anoncredsCredDefs(
"Page filter for the query. The page limit defaults to 100"
page: Page!
"Optional data filters for the query"
filter: AnoncredsCredDefsFilter
): AnoncredsCredDefsResult!
"""
Get a Credential by its ID.
"""
credential(credentialId: ID!): Credential
"""
Returns a list of Credentials.
"""
credentials(page: Page!, filter: CredentialsFilter): CredentialsResult!
"""
Get an AIPCredentialExchange by its ID.
"""
aipCredentialExchange(credExId: ID!): AIPCredentialExchange
"""
Returns a list of AIPCredentialExchanges.
Tip: To fetch records of credentials issued by this agent, filter this query
with 'myRole' equal to 'ISSUER' and 'state' equal to 'DONE', then read the
AIPCredIssued message of each returned AIPCredentialExchange.
"""
aipCredentialExchanges(
page: Page!
filter: AIPCredentialExchangesFilter
): AIPCredentialExchangesResult!
"""
Get an AIPProofExchange by its ID.
"""
aipProofExchange(proofExId: ID!): AIPProofExchange
"""
Returns a list of AIPProofExchanges.
Tip: To fetch proof presentations, filter this query with 'state' equal to 'DONE',
then read the AIPProofPresentation message of each returned AIPProofExchange.
"""
aipProofExchanges(
page: Page!
filter: AIPProofExchangesFilter
): AIPProofExchangesResult!
"""
Get a list of Credential IDs which can satisfy a proof exchange where myRole=PROVER and state=REQUEST.
"""
credentialsForAipProofExchange(
proofExId: ID!
): CredentialsForAIPProofExchangeResult!
"""
Gets a page of AuditLog records.
Returns an AuditLogsResult object containing the auditLogs that match the supplied input filters.
"""
auditLogs(
"Page filter for the query. The page limit defaults to 100"
page: Page!
"Optional data filters for the query"
filter: AuditLogFilter
): AuditLogResult!
}
#
# Mutations
#
type Mutation {
"""
Creates a connection invitation and an associated connection exchange in the INVITATION state.
Returns the created connection exchange, with the invitation attached within.
The invitation must be delivered to the invitee out-of-band.
"""
createAipConnectionInvitation(invitation: CreateAipConnectionInvitationInput!): AIPConnectionExchange!
"""
Receives and accepts a connection invitation, and creates an associated connection exchange in the REQUEST state.
Returns the created connection exchange.
"""
acceptAipConnectionInvitation(invitation: AcceptAipConnectionInvitationInput!): AIPConnectionExchange!
"""
Deletes a connection exchange.
Returns true if the operation completes with records deleted, false if not.
"""
deleteAipConnectionExchange(connExId: ID!): Boolean!
"""
Deletes a connection.
Returns true if the operation completes with records deleted, false if not.
"""
deleteConnection(
"The ID of the connection to delete"
connectionId: ID!
): Boolean!
"""
Sends a basic message to a peer of an established connection.
Returns the BasicMessage record that was created if the message was sent successfully.
"""
sendBasicMessage(
"The ID of the connection to send the message to"
connectionId: ID!
"The message content"
content: String!
): BasicMessage!
"""
Broadcasts a basic message to peers of a set of established connections. A new basic message record is created per connection.
Returns a BroadcastBasicMessageResult object with the connection IDs of all peers that the message was successfully sent to.
"""
broadcastBasicMessage(
"The IDs of the connections to broadcast the message to"
connectionIds: [ID!]!
"The message content"
content: String!
): BroadcastBasicMessageResult!
"""
Deletes basic message records by ID. The messages are deleted locally, not on the other end of the connection.
Returns a DeleteBasicMessagesResult object with the message IDs of all messages that were deleted.
"""
deleteBasicMessages(
"The IDs of the messages to delete"
messageIds: [ID!]!
): DeleteBasicMessagesResult!
"""
Deletes _all_ basic message records for a given connection. The messages are deleted locally, not on the other end of the connection.
Returns true if the operation completes with records deleted, false if not.
"""
deleteBasicMessagesForConnection(
"The ID of the connection to delete all messages for"
connectionId: ID!
): Boolean!
"""
Creates new Anoncreds Schema.
Returns the new Anoncreds Schema.
"""
createAnoncredsSchema(args: CreateAnoncredsSchemaArgs!): AnoncredsSchema!
"""
Creates new Anoncreds Credential Definition.
Returns the new Anoncreds Credential Definition.
"""
createAnoncredsCredDef(args: CreateAnoncredsCredDefArgs!): AnoncredsCredDef!
"""
Deletes a credential.
Returns true if the operation completes with records deleted, false if not.
"""
deleteCredential(
"The ID of the credential to delete"
credentialId: ID!
): Boolean!
"""
Creates a new credential exchange in the OFFER state and sends the offer to the specified connection.
This mutation is intended to be called by the ISSUER role.
The offer follows AIP version 2.
"""
sendAipCredentialOffer(connectionId: ID!, offer: AIPCredOfferInput!): AIPCredentialExchange!
"""
Accepts a received credential offer and sends a follow-up credential request.
This will move the state of the specified credential exchange from OFFER to REQUEST.
This mutation is intended to be called by the HOLDER role.
Supports both AIP versions 1 and 2.
"""
acceptAipCredentialOffer(credExId: ID!, acceptOffer: AcceptAipCredOfferInput!): AIPCredentialExchange!
"""
Accepts a received credential request and finally issues the verifiable credential.
This will move the state of the specified credential exchange from REQUEST to ISSUED.
This mutation is intended to be called by the ISSUER role.
Supports both AIP versions 1 and 2.
"""
acceptAipCredentialRequest(credExId: ID!, acceptRequest: AcceptAipCredRequestInput!): AIPCredentialExchange!
"""
Deletes a credential exchange.
Returns true if the operation completes with records deleted, false if not.
"""
deleteAipCredentialExchange(
"The ID of the credential exchange to delete"
credExId: ID!
): Boolean!
"""
Creates a new proof exchange in the REQUEST state and sends the request to the specified connection.
This mutation is intended to be called by the VERIFIER role.
The request follows AIP version 2.
"""
sendAipProofRequest(connectionId: ID!, request: AIPProofRequestInput!): AIPProofExchange!
"""
Accepts a received proof request and finally sends the verifiable presentation.
This will move the state of the specified proof exchange from REQUEST to PRESENTED.
This mutation is intended to be called by the PROVER role.
Supports both AIP versions 1 and 2.
"""
acceptAipProofRequest(proofExId: ID!, presentation: AIPProofPresentationInput!): AIPProofExchange!
"""
Deletes a proof exchange.
Returns true if the operation completes with records deleted, false if not.
"""
deleteAipProofExchange(
"The ID of the proof exchange to delete"
proofExId: ID!
): Boolean!
}Last updated