Skip to main content

Changelog

June 5, 2026

EUDIW ConnectorAPI v1.2.2

X.509 certificate chain validation and CRL revocation checking

The connector now validates X.509 certificate chains in SD-JWT VC credentials (the x5c header, mandatory in HAIP-compliant ecosystems), and optionally checks certificate revocation status against Certificate Revocation Lists (CRLs).

Chain-internal validation runs automatically whenever a credential includes an x5c certificate chain. The connector verifies intra-chain signatures, certificate validity periods, and Basic Constraints and Key Usage extensions. If validation fails, the credential fails verification.

Trust anchor resolution and CRL checking is an optional feature, disabled by default. When enabled, the connector resolves the chain's last certificate against configured trust anchors and fetches CRLs to check whether any certificate in the chain has been revoked.

API

  • New: isCertificateRevoked field on credential objects in FULFILLED callback events. Present when supportTrustAnchor: true. Indicates whether any certificate in the issuer's X.509 chain was found on a CRL. See Callback events.
  • Changed: supportTrustAnchor: true now gates two fields: isTrusted and isCertificateRevoked.

Configuration

Three new environment variables control the feature:

VariableDefaultDescription
X509_VERIFY_TRUST_ANCHORfalseEnable trust anchor resolution and CRL checking
X509_TRUST_ANCHORS""Comma-separated base64-encoded DER trust anchor certificates
X509_CRL_TIMEOUT_SECONDS10HTTP timeout for CRL fetch requests

Documentation

June 1, 2026

EUDIW ConnectorAPI v1.2.0

Spec-conformant OID4VCI metadata

The connector's Credential Issuer Metadata and Type Metadata endpoints now conform to OpenID4VCI 1.0 §12.2, HAIP 1.0 §3.5, and SD-JWT VC draft-13 §6.3. Wallets that implement these specifications now render credential display names and claim labels correctly.

Previously, the metadata used a pre-draft shape that strict wallet deserialisers rejected, causing wallets to fall back to displaying the raw vct URL as the credential title and attribute keys as claim labels.

API

  • Changed: Credential Issuer Metadata (GET /.well-known/openid-credential-issuer) now nests display and claims inside a credential_metadata object on each credential configuration, instead of placing display at the configuration root.
  • Changed: The Type Metadata endpoint (GET /oidc4vci/types/{credential_configuration_id}) now serves the document in SD-JWT VC draft-13 array-form with display[{lang, name}] and claims[{path[], sd, display[]}].

Configuration

  • Changed: Type Metadata JSON files now use the SD-JWT VC draft-13 array-form schema. The display field is an array with lang and name entries, and claims is an array of objects with path, sd, and display fields. See Configure credential types for the full format reference.

Documentation

May 21, 2026

EUDIW ConnectorAPI v1.1.0

Credential issuance documentation

The Truvity EUDIW Connector now supports credential issuance via the OpenID for Verifiable Credential Issuance (OID4VCI) protocol using the pre-authorized code flow. The connector handles the issuance protocol exchange, token management, DPoP validation, credential signing, and callback-based outcome delivery.

API

  • New: POST /offers—create credential offers with credential_configuration_id, claims, and optional tx_code for transaction authorization. Returns offer_id, credential_offer_uri, and optionally tx_code_value.
  • New: Issuance callback delivery via Issuance Event with four statuses: OFFER_CREATED, ISSUED, FAILED, and EXPIRED.
  • New: Public OID4VCI protocol endpoints for wallet interaction: credential issuer metadata (GET /.well-known/openid-credential-issuer), nonce endpoint, and credential endpoint.

Documentation

April 8, 2026

EUDIW ConnectorAPI v1.0.0

Introducing the Truvity EUDIW Connector

The Truvity EUDIW Connector is now available. It is an API-first solution for requesting and verifying digital credentials from EU Digital Identity Wallets (EUDI Wallets). The connector implements the OpenID for Verifiable Presentations (OID4VP) protocol under the High Assurance Interoperability Profile (HAIP), handling cryptographic operations, credential verification, and eIDAS 2.0 alignment on your behalf.

Start with the verification quickstart or read What is the EUDIW Connector? for a product overview.

API

  • New: POST /oidc4vp — create presentation requests using DCQL queries with selective disclosure. Returns state, same_device_request_uri, and cross_device_request_uri for same-device and cross-device flows.
  • New: Callback-based result delivery via Presented Credentials Event with five statuses: FULFILLED, REJECTED, EXPIRED, PROCESSING_ERROR, and VERIFICATION_FAILED.
  • New: Transactional data binding (transaction_data parameter) for cryptographic proof of user consent to a specific context.
  • New: Key binding enforcement (require_cryptographic_holder_binding parameter) with stable wallet-derived identifiers (kbKeyId).
  • New: Configurable session expiration (expires_in parameter).
  • New: SD-JWT and SD-JWT+KB credential format support (dc+sd-jwt).

Documentation

The full EUDIW Connector documentation is now available at /eudiw-connector, covering:

February 9, 2026

SSI PlatformTypeScript SDK v0.40.13

Schema management support for the TypeScript SDK

This release brings full credential schema management support to the TypeScript SDK, completing the feature set introduced with the Java SDK on November 27, 2025. You can now define, publish, and version credential schemas directly from your TypeScript applications.

Get started with the Schema Management Overview and dive into Managing Schemas.

SDK

TypeScript SDK

  • New: Full support for credential schema management capabilities:

    • Methods for creating, publishing, and versioning schemas
    • VcDecorator.publishSchema() method for making schemas production-ready
    • Enhanced schema referencing when creating drafts

  • New: Schema definition decorators:

    • @VcSchema - Define schemas, specify publication settings (slug and version), and associate them with user-defined types (UDTs). Learn more
    • @VcExternalSchema - Reference external JSON-LD vocabularies and JSON schemas for interoperability with other SSI ecosystems. Learn more

  • Deprecation: The @VcContext decorator. We will remove this in a future release. Migrate to @VcSchema for improved schema management.

Migration to version 0.40.13

Follow these steps to migrate your TypeScript SDK-based integration:

1. Update your SDK version

Upgrade to SDK version 0.40.13 or higher:

npm install @truvity/sdk@0.40.13
tip

The SDK automatically enables backward compatibility for versions lower than v0.40.0. Existing applications will continue to work during the migration period.

2. Update decorator usage

Replace @VcContext with @VcSchema:

- @VcContext({ name: 'Passport', namespace: 'urn:example' })
+ @VcSchema()
  class Passport {
      @VcNotEmptyClaim
      passportNumber!: string;

      nationality?: string;
  }

If using search capability: if your app searches for credentials by context name, temporarily add the @VcSchemaJsonLdTermName decorator to maintain compatibility while you transition to published schemas:

  @VcSchema()
+ @VcSchemaJsonLdTermName('Passport')
  class Passport {
      @VcNotEmptyClaim
      passportNumber!: string;

      nationality?: string;
  }
note

The @VcSchemaJsonLdTermName decorator preserves the JSON-LD term name for backward compatibility. Once you publish your schema, you can remove this decorator as the published schema includes the term definition.

3. Update async method calls

Several VcDecorator methods are now asynchronous. Add await to the following calls:

getCredentialTerm() - used when searching for credentials by type:

  data: {
      type: {
          operator: 'IN',
-         values: [purchaseRequest.getCredentialTerm()],
+         values: [await purchaseRequest.getCredentialTerm()],
      },
  },

map() - used when converting API resources to user-defined types:

- const purchaseRequestVc = purchaseRequest.map(item);
+ const purchaseRequestVc = await purchaseRequest.map(item);

4. Publish your schemas

For production deployments, publish your schemas to ensure immutability and verifiability:

const passport = client.vcDecorator(Passport);

// Publish the schema
await passport.publishSchema();

Learn more about schema publication and versioning in the Publication and Versioning guide.

Demo application

For a complete working example of publishing schemas and migrating to @VcSchema, see the updated DIF Hackathon demo application.

November 27, 2025

SSI PlatformAPI v0.40.11, Java SDK v0.40.11

Introducing credential schema management

This release introduces a comprehensive suite of tools to manage the entire lifecycle of your credential structures. Credential schemas act as immutable blueprints for your data, ensuring consistency across your ecosystem and facilitating interoperability with external partners.

With this release, you can now:

  • Define schemas once and use them across different credential formats
  • Publish schemas to make them publicly verifiable and discoverable
  • Version your data models to evolve them over time without breaking existing credentials

Get started with the Schema Management Overview and dive into Managing Schemas.

Breaking changes

This release introduces several breaking changes to improve schema management and support multiple credential formats:

  1. Structured claim values: The values property in drafts now uses a structured format (CredentialClaimValues) with type hints instead of accepting arbitrary data. This resolves serialization and deserialization issues when working with different credential formats and ensures type safety.

  2. Renamed schema model: We replaced the DraftSchema model with ClaimsSchema. While structurally similar, ClaimsSchema uses clearer, less ambiguous parameter names to better support multiple credential formats.

  3. Schema reference updates: We renamed the schema property in draft creation requests to meta_schema. This property now accepts either:

    • Schema definitions (MetaSchema) for temporary schemas during development
    • URLs to published schemas for production use
Backward compatibility

To avoid disruption from the introduced breaking changes, we support the previous version of the API (v0.38.0) alongside the new version to provide a migration period.

If you use one of the SDKs (TypeScript or Java), it automatically enables backward compatibility for all versions lower than v0.40.0. You do not need to take any action.

If you use the API directly, include the HTTP header X-Truvity-OAS-Version: 0.38.2 in all requests to enable backward compatibility.

Deprecation timeline

We will support the old version of the API for up to 3 months. We encourage all customers to update their integrations to the latest version during this period.

Read the migration guide here.

warning

We may decommission the old API sooner if all active customers migrate before the 3-month period ends.

API

  • New: Credential Schemas API for managing, versioning, and publishing credential schemas. Key operations include:

    • POST /schemas (SchemaCreate) - Create schema definitions
    • PATCH /schemas/{id}/publish (SchemaPublish) - Publish schemas to make them immutable and publicly verifiable
    • POST /schemas/search (SchemaSearch) - Search for schemas
    • POST /published-schemas/search (PublishedSchemaSearch) - Search for published schemas

  • New: GET /credentials/{id}/values (GetCredentialClaimValues) - Retrieve claim values from issued credentials in a unified, format-independent structure (matching the structure used for draft values).

SDK

Java SDK

  • New: Full support for credential schema management capabilities:

    • Methods for creating, publishing, and versioning schemas
    • VcDecorator.publishSchema() method for making schemas production-ready
    • Enhanced schema referencing when creating drafts

  • New: Schema definition decorators:

    • @VcSchema - Define schemas, specify publication settings (slug and version), and associate them with user-defined types (UDTs). Learn more
    • @VcExternalSchema - Reference external JSON-LD vocabularies and JSON schemas for interoperability with other SSI ecosystems. Learn more

  • Deprecation: The @VcContext decorator. We will remove this in a future release. Migrate to @VcSchema for improved schema management.

  • Fix: API error responses now properly display human-readable error messages instead of object hashes.

TypeScript SDK

Documentation

  • New section: Schema Management - Comprehensive documentation covering the meta-schema model, temporary vs. stable schemas, publication lifecycle, and schema governance principles.

  • New guides:

Migration to version 0.40.XX

For direct API users

Follow these steps to update your API integration:

1. Update draft value structure

What changed: the values property now requires a structured format with explicit type information.

Action required: instead of passing arbitrary JSON objects, wrap each claim value with type information:

{
  "values": {
    "firstName": {
      "kind": "STRING",
      "value": "John"
    },
    "age": {
      "kind": "NUMBER",
      "value": 30
    }
  }
}

This applies to:

  • POST /drafts (DraftCreate) - DraftCreateRequest.data.values
  • PATCH /drafts/{id} (DraftUpdate) - DraftUpdateRequest.data.values
  • ResourceDraft.data.values (in all draft-related API responses)
2. Update schema references in drafts

What changed: we restructured schema management to support both temporary and published schemas.

ResourceDraft.data changes:

  • Removed: schema property
  • Added:
    • meta_schema: string - URL reference to a published schema
    • json_ld_vocabs: string[] - JSON-LD vocabulary URLs for semantic definitions
    • vcdm_json_schemas: string[] - JSON Schema URLs for validation (following the W3C vc-json-schema specification)

DraftCreateRequest.data changes:

  • Added:

    • meta_schema?: string - URL of a published schema. Required unless you use the schema property for temporary schemas.

    • json_ld_vocabs?: string[] - Override or supplement JSON-LD vocabularies from the published schema. Enables mixing platform and external vocabularies.

      Example:

      "json_ld_vocabs": [
        "https://ssi.truvity.com/tenants/123/vocab/passport/v1",
        "https://www.w3.org/ns/credentials/examples/v2"
      ]

    • vcdm_json_schemas?: string[] - Override JSON Schema validation from the published schema. Useful for external schemas or custom validation rules not supported by the meta-schema.

  • Updated:

    • schema - Now optional (type changed from required DraftSchema to optional { schema: ClaimsSchema, slug?, version? }). Use this for temporary schemas during development. You must provide either schema or meta_schema.
3. Update search operations

The POST /drafts/search (DraftSearch) operation now returns draft resources using the structure described above. Update your response parsing logic accordingly.

For SDK users (Java)

Follow these steps to migrate your SDK-based integration:

1. Update your SDK version

Upgrade to SDK version 0.40.0 or higher:

{/* Maven */}
<dependency>
    <groupId>com.truvity</groupId>
    <artifactId>sdk</artifactId>
    <version>0.40.11</version>
</dependency>
tip

The SDK automatically enables backward compatibility for versions lower than v0.40.0. Existing applications will continue to work during the migration period.

2. Update decorator usage

Replace @VcContext with @VcSchema:

- @VcContext(name = "Passport", namespace = "urn:example")
+ @VcSchema
  class Passport {
      @NotEmpty
      String passportNumber;

      String nationality;
  }

If using search capability: if your app searches for credentials by context name, temporarily add the @VcSchemaJsonLdTermName decorator to maintain compatibility while you transition to published schemas:

  @VcSchema
+ @VcSchemaJsonLdTermName("Passport")
  class Passport {
      @NotEmpty
      String passportNumber;

      String nationality;
  }
note

The @VcSchemaJsonLdTermName decorator preserves the JSON-LD term name for backward compatibility. Once you publish your schema, you can remove this decorator as the published schema includes the term definition.

3. Publish your schemas

For production deployments, publish your schemas to ensure immutability and verifiability:

VcDecorator<Passport> passportDecorator = client.vcDecorator(Passport.class);

// Publish the schema
passportDecorator.publishSchema();

Learn more about schema publication and versioning in the Publication and Versioning guide.