Credential Issuance using DICE ID APIs

Step-by-Step guide for issuing credentials using DICE ID console UI and DICE ID APIs

DICE ID is a platform that provides ability to onboarded organizations to issue credentials to their end users and customers for variety of use cases. The steps to issue a credential can be summarized as:

  • Schema Creation - this is a one-time setup required to define the attributes of a credential from DICE ID console UI. Once a schema is created then any number of credentials can be issued based on that. For credentials that represent skill of an individual and should contain a certificate generated on DICE ID platform, Cred_URL attribute is mandatory.

  • Creating Certificate Template - This is an optional one time setup required only if the credential is required to contain a certificate then a certificate template needs to be setup. Based on the certificate template the Cred_URL attribute will be populated with link to the certificate.

  • Generating API access key - this is one-time activity to be done from DICE ID console UI. An x-api-key will be generated that has to be used for accessing DICE ID APIs.

  • Obtaining Bearer Token - this step involves generating a token that represents your role on DICE ID platform and is required for authorization check

  • Initiating Credential Issuance - this step involves invoking an API to send an invitation email or SMS to the user and setting up of auto-issuance by providing the credential data.

The sections below will cover each of the above steps in detail.

1. Sign-up an Sign-in to DICE ID Platform Console

Open in your browser and complete the signup and sign-in steps as described in Platform Console. Goto step 2 if this is already completed.

2. Create Schema for your use case

We will take example of a Skill based credential which represents course completion or skill assessment for an individual for which a certificate is also provided.

In DICE ID console UI navigate to Credentials --> Schemas page from the left hand menu. Click on Add Schema option on this screen.

On the Add Schema screen, enter the name of the credential, version number and attributes.

Since this schema is being created to represent the structure for a skill based credential and will contain a certificate, the "Schema used for Certificate Issuance?" should be selected, which will automatically add Cred_URL attribute. During credential issuance this attributed will get auto-populated with the link to the certificate generated from DICE ID platform.

The rest of attributes and data types will be:

  • Name - name of the individual who completed the course or assessment

  • Skill - name of the skill or course for which the individual got certified

  • Issued Date - the date on which the certificate was issued

  • Valid Till - the date till which this credential and certificate is valid.

  • dice_display_name - A user friendly name for the credential that will get displayed in DICE ID mobile app

Click on "Create Schema" at the bottom of the screen to submit so that the schema and corresponding credential definition gets created on blockchain. You should see a confirmation message and schema listed on the following screen.

Copy the schema name and version for subsequent step of issuing credential.

3. Create Certificate Template

Since this credential is based on a Schema containing "Cred_URL" attribute that will contain the certificate URL so it is mandatory to select the Certificate Template. Detailed steps on how to create a certificate template are covered in Certificate Template

Once the template is created copy the Certificate Template ID from its detailed screen

4. Get API Access Key

Navigate to API Access from the left hand menu on Console UI. Click on "Generate Key" to get your API key as shown below.

Copy the values for API Key, Organization ID and User ID for subsequent step of issuing credential

5. Get Bearer Token

This step is required to be implemented in your application while integrating with DICE ID so that you can get the authorization token that represents your role and access levels.

You should now have the following details:

  • Schema name and version from Step 2

  • Certificate Template ID from Step 3

  • Organization ID, User ID and API key from Step 4

Using these values invoke an API from your application.

Replace these sample values with the one you copied from console UI

invoked_by is the User ID

org_id is Organization ID

x-api-key is API Key

curl --location '' \
--header 'invoked_by: 2bab90f7-996b-440e-8b1c-30bb47704ada' \
--header 'org_id: 99430645-8a55-41c5-834d-ae57ea1bac8f' \
--header 'x-api-key: Xghmlrvhf121BtnPpWyjZ5ceZ1gG9Vk4a84gdtes'

The response of this API will return a "token" which needs to be used in Authorization header for subsequent API calls.

    "status": "Success",
    "result": {
        "token": "eyJhbGciOiJSUzI1NiIsInR5cCI6ImF0K0pXVCJ9.eyJhcGlfZW5kcG9pbnRzIjp7ImNvbW1vbiI6eyJydyI6WyIvbG9naW4vc3dpdGNoLW9yZy97bmV3X29yZ19pZH0iLCIvb3JndXNlci9mYXZvcml0ZS1vcmcve25ld19mYXZfb3JnX2lkfSJdLCJyIjpbIi9vcmdhbml6YXRpb24vcmVwb3J0LyoqIiwiL29yZ2FuaXphdGlvbi9pbmZvIiwiL29yZ2FuaXphdGlvbi9yb2xlLyoqIiwiL29yZ2FuaXphdGlvbi9kYXNoYm9hcmQvcGVuZGluZy1pdGVtLWNvdW50IiwiL29yZ3VzZXIvb3JnbGlzdCIsIi9vcmd1c2VyL2NvdW50IiwiL29yZ3VzZXIve3VzZXJfaWR9IiwiL2RlcGFydG1lbnQvY291bnQiLCIvZGVwYXJ0bWVudC9vdmVydmlldyJdfSwiOTk0MzA2NDUtOGE1NS00MWM1LTgzNGQtYWU1N2VhMWJhYzhmIjp7ImFkbWluIjp7InJ3IjpbIi8qKiJdfX19LCJ1c2VyX2lkIjoiMmJhYjkwZjctOTk2Yi00NDBlLThiMWMtMzBiYjQ3NzA0YWRhIiwicm9sZSI6Ik9SR19VU0VSIiwianRpIjoiOTlmYjlkYTgtODk4Zi00YmM1LWIyOTktOWVkMzk5ZmJjNjgxIiwibmJmIjoxNjg3OTQxMTk5LCJpYXQiOjE2ODc5NDE0OTgsImV4cCI6MTY4ODAyNzg5OCwiYXVkIjoiRElDRSBDb25zb2xlIFdlYkFwcCIsImlzcyI6Imh0dHBzOi8vY29uc29sZS1hcGktdWF0LmRpY2VpZC5jb20iLCJzdWIiOiI1NmE5ZDNlYS05N2I3LTRjYjMtYjRhZS05YzY5MzJmYzNmMDkifQ.i66eOtIEsRE6ptms3jweFGKzLpGF1o29E17a6Ea8VA64xsBOcH7N_rkucN8WJBRTPAYL28fvM1rp2CSSypBavsCMJmtWHso4n0JuRdwMOJXXpfCeqr_69fZu5jROAf9-ndz0n9cJfAP3Xahiu8gzsgoQ9o-qwGS9jMP5wyI28prCNNxhbfvp4zDEknZGJsOQ-IUWwn2oR17wnYUHm3mAnZMHw6BTpFv6pbvMT344gYrowoI0tA3znlIU7Ad9gW2IpNRJV90chPmtSFDDz5kt9lEEtVtpZ3FhuLUWkoGxl1k9YkFV0oUaLSBNDdc6t62qvfKyRzGvhi8XDabWaFRZGHcDe4UqzKviwRTKEYj7w4ymL8B_rknsyeT5HJddeQ59QSAaFRzrV_A4beFsWIteDcRiHQ89wGaLeuZDtCMk9WHsgfctkZzs_Qmxs4vD1Bed3MnjWJbhR4-B6fCVIcwsl1By_1DbPTgwL8we2NKZxj-9a-gem6s4gRl6hSmRNmv2lG0KTEZTRlmaK4Uu4aKMkV87kIYLxzaD_6VI-qW8NmETVGedHpIZPiVrmJPkt7EUPtBBX8vM2a-5aOCJH876lZxz23CHGRxnsAugRgBwaYJJL5vBvznLneexRMhWEa8_luB2iFHI9j3lUUpJTtNAPP-R1v6mTFhYRcf2Z3PAqeQ",
        "expires_at": "2023-06-29T08:38:18.739Z"

6. Invoke the Credential Issuance API

This step needs to be implemented in your application to automatically issue credentials to your application user on a real-time basis without any manual intervention. This should be implemented based on appropriate event in your application flow e.g. when user completes their certification and all the required data is available for credential issuance.

You should now have the following details:

  • Schema name and version from Step 2

  • Certificate Template ID from Step 3

  • Organization ID, User ID and API key from Step 4

  • Authorization Token from Step 5

Invoke the credential issuance API as shown below. Please make sure to use the values obtained from earlier steps

curl --location '' \
--header 'Org_id: 99430645-8a55-41c5-834d-ae57ea1bac8f' \
--header 'Invoked_by: 2bab90f7-996b-440e-8b1c-30bb47704ada' \
--header 'x-api-key: Xghmlrvhf121BtnPpWyjZ5ceZ1gG9Vk4a84gdtes' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6ImF0K0pXVCJ9.eyJhcGlfZW5kcG9pbnRzIjp7ImNvbW1vbiI6eyJydyI6WyIvbG9naW4vc3dpdGNoLW9yZy97bmV3X29yZ19pZH0iLCIvb3JndXNlci9mYXZvcml0ZS1vcmcve25ld19mYXZfb3JnX2lkfSJdLCJyIjpbIi9vcmdhbml6YXRpb24vcmVwb3J0LyoqIiwiL29yZ2FuaXphdGlvbi9pbmZvIiwiL29yZ2FuaXphdGlvbi9yb2xlLyoqIiwiL29yZ2FuaXphdGlvbi9kYXNoYm9hcmQvcGVuZGluZy1pdGVtLWNvdW50IiwiL29yZ3VzZXIvb3JnbGlzdCIsIi9vcmd1c2VyL2NvdW50IiwiL29yZ3VzZXIve3VzZXJfaWR9IiwiL2RlcGFydG1lbnQvY291bnQiLCIvZGVwYXJ0bWVudC9vdmVydmlldyJdfSwiOTk0MzA2NDUtOGE1NS00MWM1LTgzNGQtYWU1N2VhMWJhYzhmIjp7ImFkbWluIjp7InJ3IjpbIi8qKiJdfX19LCJ1c2VyX2lkIjoiMmJhYjkwZjctOTk2Yi00NDBlLThiMWMtMzBiYjQ3NzA0YWRhIiwicm9sZSI6Ik9SR19VU0VSIiwianRpIjoiOTlmYjlkYTgtODk4Zi00YmM1LWIyOTktOWVkMzk5ZmJjNjgxIiwibmJmIjoxNjg3OTQxMTk5LCJpYXQiOjE2ODc5NDE0OTgsImV4cCI6MTY4ODAyNzg5OCwiYXVkIjoiRElDRSBDb25zb2xlIFdlYkFwcCIsImlzcyI6Imh0dHBzOi8vY29uc29sZS1hcGktdWF0LmRpY2VpZC5jb20iLCJzdWIiOiI1NmE5ZDNlYS05N2I3LTRjYjMtYjRhZS05YzY5MzJmYzNmMDkifQ.i66eOtIEsRE6ptms3jweFGKzLpGF1o29E17a6Ea8VA64xsBOcH7N_rkucN8WJBRTPAYL28fvM1rp2CSSypBavsCMJmtWHso4n0JuRdwMOJXXpfCeqr_69fZu5jROAf9-ndz0n9cJfAP3Xahiu8gzsgoQ9o-qwGS9jMP5wyI28prCNNxhbfvp4zDEknZGJsOQ-IUWwn2oR17wnYUHm3mAnZMHw6BTpFv6pbvMT344gYrowoI0tA3znlIU7Ad9gW2IpNRJV90chPmtSFDDz5kt9lEEtVtpZ3FhuLUWkoGxl1k9YkFV0oUaLSBNDdc6t62qvfKyRzGvhi8XDabWaFRZGHcDe4UqzKviwRTKEYj7w4ymL8B_rknsyeT5HJddeQ59QSAaFRzrV_A4beFsWIteDcRiHQ89wGaLeuZDtCMk9WHsgfctkZzs_Qmxs4vD1Bed3MnjWJbhR4-B6fCVIcwsl1By_1DbPTgwL8we2NKZxj-9a-gem6s4gRl6hSmRNmv2lG0KTEZTRlmaK4Uu4aKMkV87kIYLxzaD_6VI-qW8NmETVGedHpIZPiVrmJPkt7EUPtBBX8vM2a-5aOCJH876lZxz23CHGRxnsAugRgBwaYJJL5vBvznLneexRMhWEa8_luB2iFHI9j3lUUpJTtNAPP-R1v6mTFhYRcf2Z3PAqeQ' \
--data-raw '{
    "invite_modes": [
    "invitee_name": "Alice",
    "dice_display_name": "Cert for Java Credential",
    "attributes": {
        "Name": "Alice Wonderland",
        "Skill": "Java",
        "Date": "15-Feb-2023",
        "Valid Till" : "31-Jan-2025"
    "schema_name": "Sample Skill Schema",
    "schema_version": "1.0",
    "is_cert_required": true,
    "template_id": "aedb22a1-86e9-4c74-bc6c-35b8f04c9db0",
    "comment": null,
    "email": {
        "invitee_email": ""

In the above sample the following is the mapping of the headers

Org_id is the Organization ID

Invoked_by is the User ID

x-api-key is the API key

Authorization is the "Bearer "+token obtained in step 5

Attribute NameDescription

"invite_modes": ["email"]

"email" and "sms" are 2 modes on sending onboarding invite to the user are supported.

"email": {

"invitee_email": "",

"email_template_id" : "email template id" }

A valid email id of the user to who credential is to be issued. The email template id is an option field and can be specified if you have created one following steps @ Email Template

"sms": { "invitee_phoneNo": "+91XXXXXX74", "short_org_name": "OrgName" }

This is an option elemet which is to be specified with a value phone number with country code only if invite_modes is "sms"

"invitee_name": "Alice"

This name will be use to address the user in the email or SMS

"attributes" : { }

Specify the attributes corresponding to the schema used for issuing credentials.


Thie value will be seen by user for their credential in DICE ID mobile app


Name of the schema created via Console UI


Version of the schema specified


Certificate Template ID. This is not required if the credential does not require a certificate


Set to true if certificate needs to be generated and included in credential. If this value is true then template_id has to be specified.

The response that will be retuned by this API will contain a record_id which represents the credential issuance.

    "status": "Success",
    "result": {
        "record_id": "7c31ec52-e2b9-429c-af7d-7a50b71861a8",
        "message": "Record received successfully and added to queue for processing. 'GET /cred/issuance/record/7c31ec52-e2b9-429c-af7d-7a50b71861a8' to get status of record"

You can invoke the GET API specified in the message to get the current status of credential issuance, which will contain all the details of the credential.

How will user / customer get the credentials?

User needs to have access to their inbox which contains the email received from The email contains instructions to download DICE ID app and scan the QR code in the email. Once the QR code is scanned from DICE ID app a secure connection is established with user's device and the credentials get downloaded and stored in the app.

If the user opens their email on phone then they need to click on the button provided below the QR code which redirect them to the DICE ID app installed on their phone.

API invocation using Postman

You also have the option of invoking the APIs from Postman tool by clicking on the file below and saving its content as JSON file and importing it into Postman. Please make sure to follow the instructions provided in Step-2 to Step-6 for replacing the attribute values as per your requirement.

Last updated