# Standalone VC Issue & Verify For certain use cases, it can be desirable to issue VCs independent of [DI Credential Exchange protocols](/guides/decentralized-identity/cloud-agent/cloud-agent-admin-api/aries-interop-profile-aip/credential-exchanges.md). ## Sign a W3C Verifiable Credential The Cloud Agent can be used to sign a W3C Verifiable Credential using a specified cryptographic securing mechanism. The `signer` parameter accepts either a DID or a specific verification method. The mutation accepts a `credentialJson` , which must be a valid JSON stringified [W3C VCDM](https://www.w3.org/TR/vc-data-model-2.0/) (V1.1 or V2.0). The output includes both the finalised `credentialJson` (stringified JSON W3C VCDM object) that was ultimately signed, and the `securedCredentialJson` that is cryptographically signed by the agent (stringified JSON data using the specified securingMechanism.) ### Linked Data Proof Sign a credential using the Linked Data Proof securing mechanism, which produces a credential in the `ldp_vc` format - i.e. an embedded JSON-LD `proof` object. ```graphql mutation MyMutation { signCredential( input: { signer: "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK" format: { w3c: { credentialJson: "{\"@context\":[\"https://www.w3.org/2018/credentials/v1\"],\"type\":[\"VerifiableCredential\"],\"issuer\":\"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK\",\"issuanceDate\":\"2024-01-01T00:00:00Z\",\"credentialSubject\":{\"id\":\"did:example:123\",\"name\":\"Alice\"}}" securingMechanism: LINKED_DATA_PROOF } } } ) { ... on SignW3CCredentialResult { credentialJson securedCredentialJson } } } ``` ### SD-JWT Sign a credential using the Selective Disclosure JWT securing mechanism, which produces a credential in the `vc+sd-jwt` format - i.e. an SD-JWT encoded W3C VCDM. ```graphql mutation MyMutation { signCredential( input: { signer: "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK" format: { w3c: { credentialJson: "{\"@context\":[\"https://www.w3.org/2018/credentials/v1\"],\"type\":[\"VerifiableCredential\"],\"issuer\":\"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK\",\"issuanceDate\":\"2024-01-01T00:00:00Z\",\"credentialSubject\":{\"id\":\"did:example:123\",\"name\":\"Alice\"}}" securingMechanism: SD_JWT } } } ) { ... on SignW3CCredentialResult { credentialJson securedCredentialJson } } } ``` ### Embed Credential Status The cloud agent can automatically assign and embed credential status information when signing a credential. The system will generate and insert `credentialStatus` fields into the credential, assigning it to the specified status list definition. The given status list definition must be created in accordance with [Credential Status Lists](/guides/decentralized-identity/cloud-agent/cloud-agent-admin-api/credentials/credential-status-lists.md). The mutation will also return the `createdStatusListEntry` that was created, and can subsequently be managed via [Credential Status Lists](/guides/decentralized-identity/cloud-agent/cloud-agent-admin-api/credentials/credential-status-lists.md). ```graphql mutation MyMutation { signCredential( input: { signer: "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK" format: { w3c: { credentialJson: "{\"@context\":[\"https://www.w3.org/2018/credentials/v1\"],\"type\":[\"VerifiableCredential\"],\"issuer\":\"did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK\",\"issuanceDate\":\"2024-01-01T00:00:00Z\",\"credentialSubject\":{\"id\":\"did:example:123\",\"name\":\"Alice\"}}" securingMechanism: LINKED_DATA_PROOF embedCredentialStatus: { statusListDefinitionIdentifier: "my-status-list-def" } } } } ) { ... on SignW3CCredentialResult { credentialJson securedCredentialJson createdStatusListEntry { credentialId statusListDefinitionIdentifier } } } } ``` ## Verify a Verifiable Credential The Cloud Agent can also be used to verify a secured (signed) credential of various formats and signature schemes, including with credential status checks (i.e. for revocation). To a verify a VC and check its revocation status (if there is one), the `verifyCredential` mutation can be called, providing the JSON stringified secured VC as the `securedCredentialJson` value. The mutation will return the payload that it decoded from the secured payload, whether the issuer's signature was valid, and if applicable, the credential statuses. If these checks fail to execute, an error will be given with the `reason` field. {% hint style="info" %} The input `securedCredentialJson` should be the JSON stringified version of the secured credential payload, which can take multiple formats depending on how it was secured. For instance, an \[SD-]JWT secured VC would take a JSON stringified form such as: `"\"eyJ0...\""` , whereas a Linked Data Proof secured W3C VC would take a JSON stringified form such as: `"{ \"@context\": [...], ... }"`. {% endhint %} ```graphql mutation MyMutation { verifyCredential(input:{ securedCredentialJson: "\"eyJ0eXAiOiAidmMrc2Qtand0IiwgImFsZyI6ICJFZERTQSIsICJraWQiOiAiZGlkOmtleTp6Nk1rb2pkNFhaQnpmejlpaWFBVGRZSGdZMnptdENQVmJUajdHeHNqdWtZbmtIdzcjejZNa29qZDRYWkJ6Zno5aWlhQVRkWUhnWTJ6bXRDUFZiVGo3R3hzanVrWW5rSHc3In0.eyJfc2QiOiBbIjZUZXljeElvR1dsYzZKdXZEdl9wNmF2U1hWWGE3U1FFUVNzajAtQ3N6alEiLCAiRG9wa1laRWk4R0w4YXlZdGZVOGtqZ2dUTjlqQnFESUlXZDMzYnU2UW1ibyIsICJMNDFuNjZWQmltTENIZmlSSTlNbFV6UkgtSF9IOEpvV0QwUmp3Rms1bTdJIiwgImQ4aWZ4eXUwUjZWcm1ZblN4Rmt1WjB5aktaOTV5OEZ4a1VtYWQwWFQ0WjgiLCAiak9jUk0yekdSdEY0NU9qMWE5U1pSVXNIVHR3eVBrbnEtcHp0Um95WWZvbyJdLCAiaXNzdWFuY2VEYXRlIjogIjIwMjUtMTItMDJUMDA6Mjg6NDIuMDAwWiIsICJpc3N1ZXIiOiAiZGlkOmtleTp6Nk1rb2pkNFhaQnpmejlpaWFBVGRZSGdZMnptdENQVmJUajdHeHNqdWtZbmtIdzciLCAiX3NkX2FsZyI6ICJzaGEtMjU2In0.NR5jlRC8kKIs1mGqzeh1bxR1NDPdI_Zxm46nqyYlCVZFQicgHb7aF0YHbyXaFLSp8K5Uh0WyCNAZWT4uVYy1AQ~WyJIVG52NmpJVjdpSUdhU2JQNHVWZjBRIiwgIlZlcmlmaWFibGVDcmVkZW50aWFsIl0~WyJaRHBpd1IzSWhSR1c3Q1BRMjg4aUx3IiwgIlBlcm1hbmVudFJlc2lkZW50Il0~WyJQaEIzZ0d1aGRHbW5ETGlRMTBNaGVRIiwgInR5cGUiLCBbeyIuLi4iOiAiNWN2ZEQwc1VWeU5DcTNFYV8xZTVHOWdVY0tGcnFaT2M3S2JYYlZ3NXp0TSJ9LCB7Ii4uLiI6ICJKSU9RVEc3S3UwX2ZNYXRuTlVQZkRDdDl0VG90amF1bENvZDVEY3R1YkZrIn1dXQ~WyJoSjFtSmxsSlowZF83QjlTWUlSbG1BIiwgImlkIiwgInVybjp1dWlkOjgzMjkwMjVmLTEwYzMtNGEwMC04YWFiLTk3OGMzOWEyNDIyZSJd~WyJPUlJZdkJZeW9RTnBWSG5GUFAtbzhRIiwgIlBlcm1hbmVudFJlc2lkZW50Il0~WyJOQ3JoSmVILTU4SDF4aE5Qc1VXLUJBIiwgInR5cGUiLCBbeyIuLi4iOiAiT0JpeGxfOG5GWXZXdDNNN0ExaXJoU3ZzcGZKMFZzcHRxdll1NVpZeFZXUSJ9XV0~WyJGSDFaVGZtbFVSVE5wTER4WS1jX3BRIiwgImdpdmVuTmFtZSIsICJKb2huIl0~WyJwX20zTmpDWnJLMFpmc3ZMeXVnQVFRIiwgImZhbWlseU5hbWUiLCAiRG9lIl0~WyJsakZBYTJmclVUUDBieEZLYXdHYW13IiwgImNyZWRlbnRpYWxTdWJqZWN0IiwgeyJfc2QiOiBbIktPZXJ3ck01dVFnaXRNTHlwUzA5MThtS0ozYWhhR1RKLTE0TlYwSTE2ekUiLCAiUXI5bm9JSTFFNkF1eWpqNi14aFdzc1lxSDdDM1M1LXRzZDZpV2ZwaWJRYyIsICJ2djRzcFhxT09WTnVJV2QtYlhDblVMOUlnOTlLTlBkY29mdUFLSVhQUTlNIl19XQ~WyJNQ3JiOVVQMG55LXVCLWF2TEIxbFdnIiwgInR5cGUiLCAiQml0c3RyaW5nU3RhdHVzTGlzdEVudHJ5Il0~WyJDdTBuaHlFaEJqbkQ1UXVvenhNTEJBIiwgInN0YXR1c1B1cnBvc2UiLCAic3VzcGVuc2lvbiJd~WyJWbi1LVXJNZ2l3OXowMUI0MmVvdUhRIiwgInN0YXR1c0xpc3RJbmRleCIsICI4OTM2MyJd~WyJnU25sMk1ubG5EUGY0RFFTakJMVE93IiwgInN0YXR1c0xpc3RDcmVkZW50aWFsIiwgImh0dHBzOi8vc3RhdHVzbGlzdC5kaS1kZXYuZGktdGVhbS5kZXYuc3Vkb3BsYXRmb3JtLmNvbS9zdGF0dXNfbGlzdC80OCJd~WyIwcjJ2VzZtOHBPOUcya2xjYlgzOHNRIiwgImlkIiwgImh0dHBzOi8vc3RhdHVzbGlzdC5kaS1kZXYuZGktdGVhbS5kZXYuc3Vkb3BsYXRmb3JtLmNvbS9zdGF0dXNfbGlzdC80OCM4OTM2MyJd~WyJyYUkxNGhiTFRmRXlBZ0FKck1nTTR3IiwgInR5cGUiLCAiQml0c3RyaW5nU3RhdHVzTGlzdEVudHJ5Il0~WyJuSWFVc19IM01KSXplRlNQbW1HVnNBIiwgInN0YXR1c1B1cnBvc2UiLCAicmV2b2NhdGlvbiJd~WyJiRjE3M0FhTnBjQ0REVnJwZUJpTUZBIiwgInN0YXR1c0xpc3RJbmRleCIsICI4MjExMiJd~WyJXZE05NTBqRm1FWE5zTGpZWXN4b1JRIiwgInN0YXR1c0xpc3RDcmVkZW50aWFsIiwgImh0dHBzOi8vc3RhdHVzbGlzdC5kaS1kZXYuZGktdGVhbS5kZXYuc3Vkb3BsYXRmb3JtLmNvbS9zdGF0dXNfbGlzdC80NiJd~WyIxNlItY0JFVnFkeUItNTdtNHl0RFB3IiwgImlkIiwgImh0dHBzOi8vc3RhdHVzbGlzdC5kaS1kZXYuZGktdGVhbS5kZXYuc3Vkb3BsYXRmb3JtLmNvbS9zdGF0dXNfbGlzdC80NiM4MjExMiJd~WyJhcEkyeERONTZZT2tSczlTSi1FanhnIiwgImNyZWRlbnRpYWxTdGF0dXMiLCBbeyJfc2QiOiBbIjdqZjcxMkdxOW41MHVFOE9YVjZvYkJfN3FIa1NuMGR3ZXBybGlqc2VjeTgiLCAiQXU4dVVPNDlqdE4tM3poU0pseUdWYW9xdHJudlZHR2xIT01ZTjVHZ1IxayIsICJiRGJSbGlfVXBJeWlLZHhjVUNqQTlqUjlqT3NZM0ZoeWRWOHdHWGJTV0dnIiwgImRzWUZHY1JlVE1hTXgzVjZKT1lUTkhXa1RZQnk0bWVYYkFhenZFNzJDU2MiLCAidVBKdm1ZYVZMTDBtcExXVmViTTZLbF9COVVDQ0I1cER1bTRtNWZxYmZhdyJdfSwgeyJfc2QiOiBbIk5PUjEwcTFHVC1OVFFmRXZXcGxKbmhXQ1UxOW9yRVh0TE83WUl4V0VaYVkiLCAiYk5Kc2YtR2dVNmcwVFhubzFrN2VHMFh1azRoaGZmT1VCTzNyemwtQVBXWSIsICJoNjRKSHR0T290U1JDQmwtTHJCdmt3V1NEMndqa1JHX3lPdy05NXBMdWZNIiwgImlJZjVaV05YVlhtVnBqZ1IzcWtEOFctZzFfTjl1SnJpMFlLZ1BzY2RoWHMiLCAieUtiSmROZTFxMmRKanBzVEhtMGwxd1VQUHhfRk9fUWNPeVVhb3FFeHY2YyJdfV1d~WyI4VVJWLUVWOE5MZXcxM0o5Ylhfa3ZnIiwgImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIl0~WyJDN2hiY0c4TVNlUmkyOWh2MHVPaGxRIiwgImh0dHBzOi8vdzNpZC5vcmcvY2l0aXplbnNoaXAvdjEiXQ~WyJKUHp2SWY5QmphbU1FbmJLT0pOXzlnIiwgImh0dHBzOi8vd3d3LnczLm9yZy9ucy9jcmVkZW50aWFscy9zdGF0dXMvdjEiXQ~WyJydEllOU5oOU90VjJOS2Q4d3dLQlZBIiwgIkBjb250ZXh0IiwgW3siLi4uIjogIjRBTjdfVzVadU53VVJTSm1NSzQ1azAwNmFVT3JwaHBSSC1ZVTRlbzBNT3MifSwgeyIuLi4iOiAieTBTZHlBdFVSdi1vUTVwZmhrS1k4aG56Qk84QzJoTnhTVkNueVhUMUxVWSJ9LCB7Ii4uLiI6ICJXVEZBbUZNVVZKeXZmSEx5SlBGN0hBdFNYemNJcDlIQTFrOUxtUWxSSkRRIn1dXQ~\"" }) { format { ... on VerifyW3CCredentialFormatResult { credentialJson securingMechanism } } signatureVerified { value reason } statusChecks { revoked { value reason } } } } ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sudoplatform.com/guides/decentralized-identity/cloud-agent/cloud-agent-admin-api/credentials/standalone-vc-issue-and-verify.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.