Credential States
Credentials in the system have a state that reflects where they are in the
lifecycle and their current validity status.
State diagram
States
| State | Description |
|---|---|
CREATED | Credential has been created but not yet shared with a holder. |
PENDING | Credential has been shared; a valid offer URL exists and is awaiting the holder. |
OFFERED | Holder's wallet has requested the issuance token; exchange is in progress. |
ACCEPTED | Holder has accepted the credential; it is active and valid. |
SUSPENDED | Credential has been temporarily invalidated by the issuer; can be reactivated. |
REVOKED | Credential has been permanently invalidated. |
INTERACTION_EXPIRED | The share URL has expired before the holder accepted. |
REJECTED | Holder deleted the credential after acceptance. |
ERROR | An error occurred during the issuance exchange. |
Offer expiration
A credential offer enters INTERACTION_EXPIRED state when its share URL has
expired and can no longer be used by the holder. To refresh an expired offer,
call the share endpoint again to generate a new URL.
The share URL validity period is set by the preAuthorizedCodeExpiresIn
parameter in your issuance protocol configuration. This parameter is
required for credential offers.
Issuance notifications
The system pairs each credential issuance with a notification_id. Enabled
wallets use the notification endpoint — for example
/ssi/openid4vci/final-1/{id}/notification — to report the outcome of an
offer:
credential_acceptedcredential_failurecredential_deleted