In the W3C Verifiable Credentials data model, a Credential Manifest is a formal specification that acts as a request for issuance. It is published by an issuer to communicate the exact inputs—such as specific claims, proofs, or other credentials—that a holder must provide to receive a new credential. This creates a clear, standardized contract between the two parties, enabling automated and interoperable credential issuance workflows. The manifest itself is a JSON document structured according to the Decentralized Identity Foundation (DIF) specification, ensuring it can be processed by compliant wallets and agents.
LABS
Glossary
Credential Manifest
A Credential Manifest is a machine-readable document from an issuer that describes the metadata, format, and requirements for issuing a specific type of Verifiable Credential.
Chainscore © 2026
definition
DECENTRALIZED IDENTITY
What is a Credential Manifest?
A Credential Manifest is a machine-readable document that defines the requirements a subject must meet to be issued a specific Verifiable Credential.
The core components of a manifest include the issuer descriptor, the output_descriptors which detail the credential to be issued, and the presentation_definition which specifies the required proofs. The presentation_definition is a critical element, as it can mandate that the holder submit existing Verifiable Credentials, specific claims, or even a Verifiable Presentation containing bundled proofs. This allows for complex, conditional issuance logic, such as requiring proof of a university degree before issuing a professional license credential. The manifest effectively decouples the issuance process from any specific user interface.
Credential Manifests are foundational to user-centric identity systems. They empower holders by giving them transparent insight into what is required before they disclose any personal data. In practice, a digital wallet application fetches the issuer's manifest, parses the requirements, and helps the user gather and format the necessary proofs from their existing credential storage. This mechanism is essential for scalable trust frameworks and is often paired with a Credential Fulfillment message, which is the holder's structured response containing the requested proofs, completing the issuance protocol.
how-it-works
VERIFIABLE CREDENTIALS
How a Credential Manifest Works
A Credential Manifest is a machine-readable document that defines the prerequisites, inputs, and outputs for issuing a specific Verifiable Credential, acting as a blueprint for credential issuance.
A Credential Manifest is a standardized data structure, often defined using the W3C Verifiable Credentials Data Model and related specifications, that an issuer publishes to communicate the requirements a subject must fulfill to be issued a particular credential. It specifies the input descriptors—the types of verifiable data or proofs a holder must present—and the format of the output descriptor, which describes the credential to be issued. This creates a clear, auditable, and automated contract between the issuer and the potential holder, streamlining the application and issuance process in decentralized identity ecosystems.
The core components of a manifest include the issuer metadata, a unique id, and the output_descriptors array detailing the credentials on offer. Crucially, it contains presentation_definition objects, which specify the exact Verifiable Presentations a holder must submit. These definitions can require specific credential types (e.g., a government ID), certain claims within those credentials (e.g., age > 21), or even proofs of cryptographic control. By defining these rules upfront, the manifest enables wallets and agents to automatically determine if a user possesses the necessary credentials before initiating an issuance flow.
In practice, a user's digital wallet discovers a Credential Manifest from an issuer (e.g., a university offering a diploma credential). The wallet parses the presentation_definition and checks the user's credential wallet for matching Verifiable Credentials. If the user has the required proofs, the wallet can automatically construct and submit a compliant Verifiable Presentation. Upon verification, the issuer's system then generates and signs the new credential described in the output_descriptor, delivering it back to the user's wallet. This entire interaction is often facilitated by protocols like OpenID for Verifiable Credential Issuance (OIDC4VCI).
The power of the Credential Manifest lies in its interoperability and automation. It decouples the issuance logic from the application UI, allowing any compliant wallet to interact with any compliant issuer. This is foundational for scalable SSI (Self-Sovereign Identity) systems, enabling use cases like automated KYC checks, credential re-issuance, and portable educational records. It works in tandem with a Credential Offer, which is a specific invitation containing a manifest ID, and a Credential Response, which is the final, signed credential issued to the holder.
key-features
W3C STANDARD
Key Features of a Credential Manifest
A Credential Manifest is a W3C Verifiable Credentials specification that defines the requirements a subject must meet to be issued a specific credential. It acts as a machine-readable application form, enabling automated, interoperable credential issuance workflows.
01
Presentation Definition
The core of a Credential Manifest is its presentation definition, which specifies the exact Verifiable Credentials or claims a subject must submit. This can include:
- Required input descriptors for specific data fields.
- Constraints on credential schemas or issuers.
- Rules for combining credentials using logical operators (e.g., 'allOf', 'oneOf').
02
Issuer Metadata
The manifest provides machine-readable information about the issuing entity and the credential to be issued. This includes:
- Issuer identity (DID or profile object).
- Output descriptor detailing the credential's format, schema, and display properties.
- Credential brand information for user wallets.
03
Format & Proof Requirements
The manifest explicitly states the supported cryptographic formats and proof types, ensuring interoperability between wallets and issuers. It defines:
- Accepted credential formats (e.g., JWT-VC, Data Integrity Proofs, AnonCreds).
- Required proof purposes and cryptographic suites.
- This allows a holder's wallet to know if it can fulfill the request.
04
Machine-Readable Workflow
By standardizing the request format, Credential Manifests enable automated issuance pipelines. A wallet can:
- Parse the manifest.
- Determine if the holder possesses the required credentials.
- Automatically assemble a Verifiable Presentation in the correct format.
- Submit it to the issuer's Credential Offer endpoint.
05
Holder Binding & DID Resolution
The manifest can specify requirements for holder binding, ensuring the issued credential is cryptographically linked to the correct subject. This often involves:
- A DID the credential will be issued to.
- Instructions for DID resolution to obtain verification methods.
- Constraints on the challenge and domain used in presentation proofs.
06
Related: Credential Offer
A Credential Offer is the complementary message that references or contains a Credential Manifest. It is sent by an issuer to a potential holder, initiating the issuance process. While the manifest defines the 'how' and 'what', the offer is the actionable invitation to apply.
core-components
W3C VERIFIABLE CREDENTIALS
Core Components of a Credential Manifest
A Credential Manifest is a machine-readable document that defines the requirements a subject must meet to be issued a specific Verifiable Credential. It acts as a blueprint for credential issuance.
01
Issuer Information
The issuer object identifies the entity that will issue the credential. It includes a unique identifier, often a Decentralized Identifier (DID), and may contain display information like name and logo. This establishes the source of authority and trust for the credential.
02
Output Descriptor
This defines the structure and content of the credential to be issued. It specifies:
- The credential schema (e.g., a JSON Schema URI) that validates the data format.
- Display properties for user interfaces, such as title, description, and styling.
- The specific claims or attributes that will be populated in the credential.
03
Presentation Definition
A critical component that specifies the proofs or inputs a subject must provide to receive the credential. This is a Presentation Definition (from the W3C Presentation Exchange specification) that can request:
- Existing Verifiable Credentials (e.g., a government ID).
- Constraints on those credentials, like who issued them or specific claim values.
- Direct input of claims via forms.
04
Format Specifications
Declares the supported cryptographic and serialization formats for both the input submissions and the output credential. Common formats include:
- JWT (JSON Web Token) for signed credentials.
- JSON-LD with Linked Data Proofs.
- SD-JWT (Selective Disclosure JWT). This ensures interoperability between the issuer's and holder's software.
05
Holder Binding Requirements
Specifies how the issued credential must be cryptographically bound to its rightful holder. This prevents credential theft and transfer. Common methods include:
- Binding to a holder's DID and its associated public key.
- Requiring a challenge-response during issuance to prove control of the private key.
VC-DATA-MODEL SPECIFICATION
Credential Manifest vs. Presentation Definition
A comparison of the two core W3C Verifiable Credentials Data Model objects that define credential issuance and verification requirements.
| Feature | Credential Manifest | Presentation Definition |
|---|---|---|
Primary Purpose | Defines the inputs and process for issuing a credential. | Defines the requirements for creating a Verifiable Presentation. |
Defines Output | The structure of the credential to be issued. | The structure of the presentation to be submitted. |
Defines Input | Requirements for claims or existing credentials from the holder. | Requirements for credentials from the holder's wallet. |
Core Object | output_descriptors | input_descriptors |
Governed By | DIF Credential Manifest specification | DIF Presentation Exchange specification |
Use Case Phase | Credential Issuance | Credential Verification |
Holder Action | Submit claims, receive credential. | Select credentials, create and submit presentation. |
Verifier Role | Issuer provides the manifest. | Verifier provides the definition. |
examples
CREDENTIAL MANIFEST
Real-World Use Cases & Examples
A Credential Manifest is a machine-readable document that defines the requirements a verifier has for a specific type of Verifiable Credential. It outlines the format, claims, and constraints a credential must satisfy to be accepted.
01
University Degree Verification
A university's registrar acts as a Verifier, publishing a Credential Manifest specifying the required format (e.g., W3C Verifiable Credential) and specific claims needed for alumni status verification. The manifest would require:
- Issuer: The accredited university's DID.
- Credential Subject: The graduate's DID.
- Claims: Degree type, major, graduation date, and GPA.
- Proof Type: A specific cryptographic signature (e.g., Ed25519Signature2020). Graduates holding a matching credential from the university's Issuer can present it for automated, trustless verification for job applications or further education.
02
KYC/AML for DeFi Access
A decentralized finance (DeFi) protocol can use a Credential Manifest to gate access to high-value services while preserving user privacy. The manifest would not request raw identity data but a Zero-Knowledge Proof (ZKP) credential from a trusted Issuer (e.g., a licensed KYC provider). Requirements include:
- Proof of being over 18 and a resident of a permitted jurisdiction.
- Proof of passing a sanctions screening.
- Presentation Definition specifying a ZKP-SDK for submission. This allows users to prove compliance without revealing their name, address, or date of birth to the DeFi application itself.
03
Professional License & Certification
Professional boards (e.g., for medicine, engineering, law) can issue digital licenses as Verifiable Credentials. A hospital's credentialing system would publish a manifest requiring:
- Issuer: The state medical board's official DID.
- Credential Type: "Medical License".
- Status: A link to a Status List to check for revocations.
- Claims: License number, specialty, expiration date. Doctors can present their credential, allowing the hospital to instantly and cryptographically verify its authenticity and current validity, streamlining the onboarding process.
04
Selective Disclosure for Age-Gated Content
A content platform can use a Credential Manifest to restrict access to age-gated material without collecting full birthdates. The manifest would define a Presentation Definition that requests a Selective Disclosure credential. A user's wallet, holding a credential from a government Issuer proving their birthdate, would generate a derived proof asserting only "Over 21" is true. The platform's verifier checks this derived proof against the manifest's requirements, granting access based on the claim without learning the user's exact age or other personal data.
05
Supply Chain Provenance
In a supply chain, a buyer can publish a Credential Manifest to verify the provenance and ethical sourcing of materials. The manifest would require a chain of credentials from each participant:
- Credential 1: Mine issues a credential for raw material batch.
- Credential 2: Refiner issues a credential attesting to processing standards.
- Credential 3: Manufacturer issues a credential for final assembly. Each credential must reference the previous one, creating an auditable chain. The manifest defines the required schema for each step and the trusted DIDs of the participants, enabling automated verification of the entire product journey.
06
Interoperability with W3C Standards
The Credential Manifest is part of a broader W3C-CCG ecosystem for decentralized identity. It works in tandem with other key specifications:
- Verifiable Credentials (VCs): The credential data format itself.
- Presentation Exchange (VP): The protocol for requesting and submitting VCs, where the Credential Manifest defines the request.
- Decentralized Identifiers (DIDs): The root identifiers for issuers, holders, and verifiers.
- Status List 2021: A standard for checking credential revocation status, often referenced in a manifest. This standardized framework ensures credentials and manifests from different organizations can interoperate seamlessly.
technical-standards
W3C STANDARD
Credential Manifest
A Credential Manifest is a W3C standard that defines a machine-readable data format for an issuer to describe the criteria, process, and outputs for issuing a Verifiable Credential to a holder.
A Credential Manifest is a JSON-based data structure that specifies what a user must submit to receive a particular Verifiable Credential (VC). It acts as a formal request for issuance, detailing the required Input Descriptors (the specific claims or proofs a holder must provide), the supported credential formats (e.g., JSON-LD, JWT), and the issuance service endpoint. This allows credential issuers to publish their requirements in a standardized, interoperable way that wallets and other agents can automatically process, streamlining the application and issuance workflow.
The core components of a manifest include the presentation_definition, which outlines the required proofs using the Presentation Exchange (DIF PE) specification, and the output_descriptors, which describe the structure and contents of the credentials to be issued. This enables selective disclosure, where a holder can satisfy the issuer's requirements by presenting a subset of credentials they already possess, without revealing unnecessary personal data. The manifest essentially decouples the request for proof from the issuance of a new credential, creating a more modular and privacy-preserving system.
In practice, a Credential Manifest is crucial for implementing scalable Decentralized Identity (DID) ecosystems. For example, a university's issuance service could publish a manifest for a diploma credential, specifying that applicants must present a government-issued ID and proof of degree completion. A student's digital wallet reads this manifest, gathers the required proofs from their existing credentials, and submits them to the issuer's endpoint. Upon verification, the issuer returns the signed diploma VC. This standard, alongside the Credential Manifest, forms the backbone of interoperable trust frameworks.
CREDENTIAL MANIFEST
Frequently Asked Questions (FAQ)
A Credential Manifest is a W3C standard that defines how a verifier describes the types of Verifiable Credentials it accepts. These FAQs cover its core purpose, structure, and role in decentralized identity systems.
A Credential Manifest is a machine-readable document, defined by the W3C, that specifies the inputs a verifier requires from a holder to issue a specific Verifiable Credential or grant access to a service. It acts as a formal request, detailing the types of credentials, the specific claims within them, and any constraints (like issuance date or issuer DID) that must be satisfied. This allows holders to understand exactly what is needed before initiating a credential presentation, streamlining the issuance and verification flow in decentralized identity ecosystems.
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall