This document specifies an API to enable [=user agents=] to mediate access to, and presentation of, digital credentials such as a driver's license, government-issued identification card, and/or [=credential type examples|other types of digital credential=]. The API builds on [[[credential-management-1]]] as a means by which to request a digital credential from a user agent or underlying platform.

This is an unofficial proposal.

Introduction

TBW

There are many types of digital credential that can be conveyed using this API. Examples of these types include:

Model

The goal of the definitions in this section is to reuse or establish terminology that is common across a variety of digital credential formats and protocols. Discussions surrounding these definitions are active and the definitions are likely to change over the next several months.

Digital credential
A cryptographically signed digital document containing one or more [=claims=] made by an [=issuer=] about one or more [=subjects=].

This specification is currently focused on digital credentials pertaining to people.

Query
A format that [=verifier=] software or a [=user agent=] uses, via an [=digital credential/exchange protocol=], to request a [=digital credential=] from a [=holder=].
Presentation response
A format that a [=holder|holder's=] software, such as a digital wallet, uses, via an [=digital credential/exchange protocol=], to respond to a [=digital credential/query=] by a [=verifier=].
Exchange protocol
A protocol used for exchanging a [=digital credential=] between a [=holder=] and a [=verifier=]. See section [[[#protocol-registry]]].

Scope

The following items are within the scope of this specification:

The following items are out of scope:

Extensions to the `Navigator` interface

    partial interface Navigator {
      [SecureContext, SameObject] readonly attribute CredentialsContainer identity;
    };
    

The `identity` attribute

The identity attribute provides access to the underlying {{CredentialsContainer}} for managing [=digital credentials=].

Extensions to Credential Management API

Extensions to `CredentialRequestOptions` dictionary

    partial dictionary CredentialRequestOptions {
      DigitalCredentialRequestOptions digital;
    };
    

The `digital` member

The digital member allows for options to configure the request for a [=digital credential=].

The `DigitalCredentialRequestOptions` dictionary

    dictionary DigitalCredentialRequestOptions {
      sequence<IdentityRequestProvider> providers;
    };
    

The `providers` member

The providers specify an [=digital credential/exchange protocol=] and [=digital credential/query=], which the user agent MAY match against a holder's software, such as a digital wallet.

The `IdentityRequestProvider` dictionary

The {{IdentityRequestProvider}} dictionary is used to specify an [=digital credential/exchange protocol=] and a [=digital credential/query=], which the user agent MAY match against software used by a holder, such as a digital wallet.

    dictionary IdentityRequestProvider {
      required DOMString protocol;
      required object request;
    };
    

The `protocol` member

The protocol member denotes the [=digital credential/exchange protocol=] when requesting an identity credential.

The {{IdentityRequestProvider/protocol}} member's value is one of the well-defined keys defined in [[[#protocol-registry]]] or any other custom one.

The `request` member

The request member is the request to be handled by the holder's software, such as a digital wallet.

The `DigitalCredential` interface

The DigitalCredential interface represents a conceptual [=digital credential=].

    [Exposed=Window, SecureContext]
    interface DigitalCredential : Credential {
      readonly attribute DOMString protocol;
      readonly attribute any data;
    };
    

The `protocol` member

The protocol member is the [=digital credential/exchange protocol=] that was used to request the [=digital credential=].

The `data` member

The data member is the credential's response data.
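
The dictionaries and interface above, put together as an added example that is not part of this specification: it builds the `digital` request options, calls `get()` on the container, and accepts the returned credential only when its `protocol` is one that was requested. The identifier `"example-protocol"`, the request body, and the helper names are constructed placeholders, since the registry lists no protocols yet.

```javascript
// Added example, not specification text. Helper names are hypothetical.

// Build the CredentialRequestOptions shape defined above. The checks are
// stricter than WebIDL conversion, so malformed input fails before the call.
function buildRequestOptions(providers) {
  if (!Array.isArray(providers) || providers.length === 0) {
    throw new TypeError("at least one provider is required");
  }
  for (const p of providers) {
    if (typeof p.protocol !== "string" || p.protocol === "") {
      throw new TypeError("provider.protocol must be a non-empty string");
    }
    if (p.request === null || typeof p.request !== "object") {
      throw new TypeError("provider.request must be an object");
    }
  }
  // Copy only the two defined members; drop anything else the caller passed.
  const clean = providers.map(({ protocol, request }) => ({ protocol, request }));
  return { digital: { providers: clean } };
}

// Accept a response only if its protocol is one the page asked for, so the
// data is never handed to a parser written for a different protocol.
function checkCredential(credential, providers) {
  if (!credential || typeof credential.protocol !== "string") {
    throw new Error("no digital credential returned");
  }
  if (!providers.some((p) => p.protocol === credential.protocol)) {
    throw new Error(`unexpected protocol: ${credential.protocol}`);
  }
  return { protocol: credential.protocol, data: credential.data };
}

// `container` is a CredentialsContainer; in a secure-context page this is
// navigator.identity, for example:
//   requestDigitalCredential(navigator.identity,
//     [{ protocol: "example-protocol", request: { /* constructed */ } }]);
async function requestDigitalCredential(container, providers) {
  const options = buildRequestOptions(providers);
  const credential = await container.get(options); // may resolve with null
  return checkCredential(credential, providers);
}
```

The returned `data` is still untrusted input at this point; verifying it is the job of the code that implements the chosen exchange protocol.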

Registry of protocols for requesting digital credentials

The following is the registry of [=digital credential/exchange protocols=] that are supported by this specification.

It is expected that this registry will become a [=W3C registry=] in the future.

Inclusion criteria

To be included in the registry...

[=User agents=] MUST support the following [=digital credential/exchange protocols=]:

Table of officially registered [=digital credential/exchange protocols=].

| Protocol identifier | Description | Specification |
|---|---|---|
| Coming soon... | | |