Protocol Documentation
This page documents the Protobuf Services and Messages which compose the Trinsic API.
Top
services/common/v1/common.proto
Nonce
Nonce used to generate an oberon proof
Field
Type
Description
timestamp
int64 UTC unix millisecond timestamp the request was made
request_hash
bytes blake3256 hash of the request body
ServerConfig
Field
Type
Description
endpoint
string service endpoint
port
int32 service port
use_tls
bool indicates if tls is used
ResponseStatus
Name
Number
Description
SUCCESS
0
WALLET_ACCESS_DENIED
10
WALLET_EXISTS
11
ITEM_NOT_FOUND
20
SERIALIZATION_ERROR
200
UNKNOWN_ERROR
100
Top
services/options/field-options.proto
SdkTemplateOption
Field
Type
Description
anonymous
bool Whether the service endpoint allows anonymous (no Oberon) authentication This is used by the protoc-gen-trinsic-sdk plugin for metadata.
ignore
bool Whether the SDK template generator should ignoroe this method. This method will be wrapped manually.
File-level Extensions
Extension
Type
Base
Number
Description
optional
bool
.google.protobuf.FieldOptions
60000
Whether field is optional in Trinsic's backend. This is not the same as an optional protobuf label; it only impacts documentation generation for the field.
sdk_template_option
SdkTemplateOption
.google.protobuf.MethodOptions
60001
Top
services/verifiable-credentials/templates/v1/templates.proto
Service - CredentialTemplates
CreateCredentialTemplateRequest
Request to create a new template
Field
Type
Description
name
string Name of new template
fields
CreateCredentialTemplateRequest.FieldsEntry []Fields which compose the template
allow_additional_fields
bool Whether credentials may be issued against this template which have fields not specified in fields
CreateCredentialTemplateRequest.FieldsEntry
CreateCredentialTemplateResponse
Response to CreateCredentialTemplateRequest
DeleteCredentialTemplateRequest
Request to delete a template by ID
Field
Type
Description
id
string ID of template to delete
DeleteCredentialTemplateResponse
Response to DeleteCredentialTemplateRequest
GetCredentialTemplateRequest
Request to fetch a template by ID
Field
Type
Description
id
string ID of template to fetch
GetCredentialTemplateResponse
Response to GetCredentialTemplateRequest
Field
Type
Description
template
TemplateData Template fetched by ID
GetTemplateRequest
Unused
Field
Type
Description
id
string
GetTemplateResponse
Unused
ListCredentialTemplatesRequest
Request to list templates using a SQL query
Field
Type
Description
query
string SQL query to execute. Example: SELECT * FROM c WHERE c.name = 'Diploma'
continuation_token
string Token provided by previous ListCredentialTemplatesResponse if more data is available for query
ListCredentialTemplatesResponse
Response to ListCredentialTemplatesRequest
Field
Type
Description
templates
TemplateData []Templates found by query
has_more_results
bool Whether more results are available for this query via continuation_token
continuation_token
string Token to fetch next set of resuts via ListCredentialTemplatesRequest
ListTemplatesRequest
Unused
ListTemplatesResponse
Unused
SearchCredentialTemplatesRequest
Request to search templates using a SQL query
Field
Type
Description
query
string SQL query to execute. Example: SELECT * FROM c WHERE c.name = 'Diploma'
continuation_token
string Token provided by previous SearchCredentialTemplatesResponse if more data is available for query
SearchCredentialTemplatesResponse
Response to SearchCredentialTemplatesRequest
Field
Type
Description
items_json
string Raw JSON data returned from query
has_more
bool Whether more results are available for this query via continuation_token
continuation_token
string Count of items in items_json int32 count = 3; unpopulated and unused Token to fetch next set of results via SearchCredentialTemplatesRequest
TemplateData
Credential Template
Field
Type
Description
id
string Template ID
name
string Template name
version
int32 Template version number
fields
TemplateData.FieldsEntry []Fields defined for the template
allow_additional_fields
bool Whether credentials issued against this template may contain fields not defined by template
schema_uri
string URI pointing to template JSON schema document
context_uri
string URI pointing to template JSON-LD context document
ecosystem_id
string ID of ecosystem in which template resides
type
string Template type (VerifiableCredential)
created_by
string ID of template creator
TemplateData.FieldsEntry
TemplateField
A field defined in a template
Field
Type
Description
description
string Human-readable description of the field
optional
bool Whether this field may be omitted when a credential is issued against the template
type
FieldType The type of the field
FieldType
Valid types for credential fields
Name
Number
Description
STRING
0
NUMBER
1
BOOL
2
DATETIME
4
Top
services/verifiable-credentials/v1/verifiable-credentials.proto
Service - VerifiableCredential
CheckStatusRequest
Request to check a credential's revocation status
Field
Type
Description
credential_status_id
string Credential Status ID to check
CheckStatusResponse
Response to CheckStatusRequest
Field
Type
Description
revoked
bool The credential's revocation status
CreateProofRequest
Request to create a proof for a Verifiable Credential using public key tied to caller.
Either item_id or document_json may be provided, not both.
Field
Type
Description
reveal_document_json
string A valid JSON-LD frame describing which fields should be revealed in the generated proof. If unspecified, all fields in the document will be revealed
item_id
string ID of wallet item stored in a Trinsic cloud wallet
document_json
string A valid JSON-LD Verifiable Credential document string with an unbound signature. The proof will be derived from this document directly. The document will not be stored in the wallet.
CreateProofResponse
Response to CreateProofRequest
Field
Type
Description
proof_document_json
string Valid JSON-LD proof for the specified credential
IssueFromTemplateRequest
Request to create and sign a JSON-LD Verifiable Credential from a template using public key tied to caller
Field
Type
Description
template_id
string ID of template to use
values_json
string JSON document string with keys corresponding to the fields of the template referenced by template_id
framework_id
string Governance framework ID to use with issuance of this credential. If specified, the issued credential will contain extended issuer metadata with membership info for the given ecosystem governance framework (EGF)
IssueFromTemplateResponse
Response to IssueFromTemplateRequest
Field
Type
Description
document_json
string Verifiable Credential document, in JSON-LD form, constructed from the specified template and values; signed with public key tied to caller of IssueFromTemplateRequest
IssueRequest
Request to sign a JSON-LD Credential using public key tied to caller
Field
Type
Description
document_json
string Valid JSON-LD Credential document to be signed, in string form
IssueResponse
Response to IssueRequest
Field
Type
Description
signed_document_json
string Verifiable Credential document, signed with public key tied to caller of IssueRequest
SendRequest
Request to send a document to another user's wallet
Field
Type
Description
email
string Email address of user to send item to
did_uri
string DID of recipient (presently unsupported)
didcomm_invitation_json
string DIDComm out-of-band invitation JSON (presently unsupported)
document_json
string JSON document to send to recipient
SendResponse
Response to SendRequest
UpdateStatusRequest
Request to update a credential's revocation status
Field
Type
Description
credential_status_id
string Credential Status ID to update
revoked
bool New revocation status of credential
UpdateStatusResponse
Response to UpdateStatusRequest
ValidationMessage
Result of a validation check on a proof
Field
Type
Description
is_valid
bool Whether or not this validation check passed
messages
string []If validation failed, contains messages explaining why
VerifyProofRequest
Request to verify a proof
Field
Type
Description
proof_document_json
string JSON-LD proof document string to verify
VerifyProofResponse
Response to VerifyProofRequest
Field
Type
Description
is_valid
bool Whether or not all validations in validation_results passed
validation_messages
string []Deprecated. Use validation_results instead
validation_results
VerifyProofResponse.ValidationResultsEntry []Results of each validation check performed, such as schema conformance, revocation status, signature, etc. Detailed results are provided for failed validations.
VerifyProofResponse.ValidationResultsEntry
Top
services/debug/v1/debug.proto
Service - Debugging
Top
services/universal-wallet/v1/universal-wallet.proto
Service - UniversalWallet
DeleteItemRequest
Request to delete an item in a wallet
Field
Type
Description
item_id
string ID of item to delete
DeleteItemResponse
Response to DeleteItemRequest
GetItemRequest
Request to fetch an item from wallet
Field
Type
Description
item_id
string ID of item in wallet
GetItemResponse
Response to GetItemRequest
Field
Type
Description
item_json
string Item data as a JSON string
item_type
string Type of item specified when item was inserted into wallet
InsertItemRequest
Request to insert a JSON document into a wallet
Field
Type
Description
item_json
string Document to insert; must be stringified JSON
item_type
string Item type (ex. "VerifiableCredential")
InsertItemResponse
Response to InsertItemRequest
Field
Type
Description
item_id
string ID of item inserted into wallet
SearchRequest
Request to search items in wallet
Field
Type
Description
query
string SQL Query to execute against items in wallet
continuation_token
string Token provided by previous SearchResponse if more data is available for query
SearchResponse
Response to SearchRequest
Field
Type
Description
items
string []Array of query results, as JSON strings
has_more
bool Whether more results are available for this query via continuation_token
continuation_token
string Token to fetch next set of results via SearchRequest
UpdateItemRequest
Request to update item in wallet
Field
Type
Description
item_id
string ID of item in wallet
item_type
string Item type (ex. "VerifiableCredential")
UpdateItemResponse
Response to UpdateItemRequest
Top
services/provider/v1/provider.proto
Service - Provider
AddWebhookRequest
Request to add a webhook to an ecosystem
Field
Type
Description
destination_url
string Destination to post webhook calls to
secret
string HMAC secret for webhook validation
events
string []Events to subscribe to. Default is "*" (all events)
AddWebhookResponse
Response to AddWebhookRequest
Field
Type
Description
ecosystem
Ecosystem Ecosystem with new webhook
CreateEcosystemRequest
Field
Type
Description
name
string Globally unique name for the Ecosystem. This name will be part of the ecosystem specific URLs and namespaces. Allowed characters are lowercase letters, numbers, underscore and hyphen.
description
string Ecosystem description
uri
string External URL associated with your organization or ecosystem entity
details
services.account.v1.AccountDetails The account details of the owner of the ecosystem
CreateEcosystemResponse
DeleteWebhookRequest
Request to delete a webhook from an ecosystem
Field
Type
Description
webhook_id
string ID of webhook to delete
DeleteWebhookResponse
Response to DeleteWebhookRequest
Field
Type
Description
ecosystem
Ecosystem Ecosystem after removal of webhook
Ecosystem
Field
Type
Description
id
string URN of the ecosystem
name
string Globally unique name for the ecosystem
description
string Ecosystem description
uri
string External URL associated with the organization or ecosystem entity
webhooks
WebhookConfig []Configured webhooks, if any
EcosystemInfoRequest
Request to fetch information about an ecosystem
EcosystemInfoResponse
Response to InfoRequest
Field
Type
Description
ecosystem
Ecosystem Ecosystem corresponding to requested ecosystem_id
GenerateTokenRequest
Field
Type
Description
description
string Description to identify this token
GenerateTokenResponse
GetAuthorizationsRequest
GetAuthorizationsResponse
Field
Type
Description
grants
Grant []
GetEventTokenRequest
generates an events token bound to the provided ed25519 pk
Field
Type
Description
pk
bytes
GetEventTokenResponse
response message containing a token (JWT) that can be used
to connect directly to the message streaming architecture
Field
Type
Description
token
string a JWT bound to the PK provided in the request
GetOberonKeyRequest
request message for GetOberonKey
GetOberonKeyResponse
response message for GetOberonKey
Field
Type
Description
key
string Oberon Public Key as RAW base64 URL encoded string
Grant
Field
Type
Description
resourceId
string the urn of the resource
actions
string []list of actions that are allowed
child_grants
Grant []any child grants
GrantAuthorizationRequest
grant permissions to a resource or path in the ecosystem
Field
Type
Description
email
string email associted with the account
walletId
string wallet id of the account
resource
string resources are specified as a restful path: /{ecoId}/{resource type}/{resource id}. EcosystemId maybe ommited
action
string action to authorize. default is "*" (all)
GrantAuthorizationResponse
InvitationStatusRequest
Request details for the status of onboarding
an individual or organization.
The reference_id passed is the response from the
Onboard method call
Field
Type
Description
invitation_id
string ID of invitation
InvitationStatusResponse
Invite
InviteRequest
InviteRequest.DidCommInvitation
InviteResponse
Field
Type
Description
invitation_id
string ID of created invitation
invitation_code
string Invitation Code that must be passed with the account 'SignIn' request to correlate this user with the invitation sent.
RevokeAuthorizationRequest
revoke permissions to a resource or path in the ecosystem
Field
Type
Description
email
string email associted with the account
walletId
string wallet id of the account
resource
string resources are specified as a restful path: /{ecoId}/{resource type}/{resource id}. EcosystemId maybe ommited
action
string action to revoke. default is "*" (all)
RevokeAuthorizationResponse
UpdateEcosystemRequest
Request to update an ecosystem
Field
Type
Description
description
string Description of the ecosystem
uri
string External URL associated with the organization or ecosystem entity
UpdateEcosystemResponse
Response to UpdateEcosystemRequest
WebhookConfig
Field
Type
Description
id
string UUID of the webhook
destination_url
string Destination to post webhook calls to
events
string []Events the webhook is subscribed to
status
string Whether we are able to sucessfully send events to the webhook
InvitationStatusResponse.Status
Name
Number
Description
Error
0
Onboarding resulted in error
InvitationSent
1
The participant has been invited
Completed
2
The participant has been onboarded
Expired
3
The invite has expired
ParticipantType
Name
Number
Description
participant_type_individual
0
participant_type_organization
1
Top
services/trust-registry/v1/trust-registry.proto
Service - TrustRegistry
AddFrameworkRequest
Register new ecosystem governance framework
AddFrameworkResponse
Field
Type
Description
id
string Unique framework identifier
governing_authority
string
trust_registry
string
FetchDataRequest
Field
Type
Description
governance_framework_uri
string
query
string
FetchDataResponse
Field
Type
Description
response_json
string
has_more_results
bool
continuation_token
string
GetMembershipStatusRequest
GetMembershipStatusResponse
GovernanceFramework
Field
Type
Description
governance_framework_uri
string
trust_registry_uri
string
description
string
RegisterMemberRequest
RegisterMemberResponse
RemoveFrameworkRequest
Field
Type
Description
id
string
RemoveFrameworkResponse
SearchRegistryRequest
Field
Type
Description
query
string SELECT c from c where c.type == 'GovernanceFramework'
continuation_token
string
SearchRegistryResponse
Field
Type
Description
items_json
string
has_more
bool
continuation_token
string
UnregisterMemberRequest
UnregisterMemberResponse
RegistrationStatus
Name
Number
Description
CURRENT
0
- the entity is currently authorized, as of time of the query.
EXPIRED
1
- entity rights have expired.
TERMINATED
2
- entity has voluntarily ceased Issuer role under the specific EGF.
REVOKED
3
- entity authority under specific EGF was terminated by the governing authority.
NOT_FOUND
10
Top
services/event/v1/event.proto
APICall
EGFCreated
Field
Type
Description
id
string UUID of the governance framework
ecosystem_id
string UUID of the ecosystem that owns this egf
trust_registry
string Trust registry assoicated with this egf
governing_authority
string Wallet ID of the aurhority for this egf
type
string Type of egf
name
string User friendly name for the egf
description
string Description of the egf
governance_framework
string URI for the egf
Event
System event
Field
Type
Description
id
string UUID for the event
type
EventType event type
timestamp
string when the event occured
data
bytes data payload - will be encoded proto message for the event type
ItemReceived
Field
Type
Description
id
string UUID of the new item
received
string Timestamp when the item was received
Ping
Message to test webhook functionality
Field
Type
Description
id
string UUID of this ping
webhook_id
string UUID of the webhook receiving the ping
timestamp
string when this was generated
message
string message to be sent (e.g. I'm a teapot)
TemplateCreated
Field
Type
Description
id
string UUID of the template
ecosystem_id
string UUID of the ecosystem that owns this template
name
string Template name
type
string Tempalte type
created_by
string WalletID that created the template
EventType
Name
Number
Description
PING
0
LOG
1
EGF_CREATED
5
EGF_MEMBER_REGISTERED
6
EGF_MEMBER_UNREGISTERED
7
TEMPLATE_CREATED
10
TEMPLATE_DELETED
11
WALLET_CREATED
15
ITEM_RECEIVED
16
Top
services/account/v1/account.proto
Service - Account
AccountDetails
Account registration details
Field
Type
Description
name
string Account name
email
string Email account
sms
string SMS number including country code
AccountEcosystem
AccountInfoRequest
Request for information about the account used to make the request
AccountInfoResponse
Information about the account used to make the request
Field
Type
Description
details
AccountDetails The account details associated with the calling request context
ecosystems
AccountEcosystem []Deprecated. Use ecosystem_id instead
wallet_id
string The wallet ID associated with this account
device_id
string The device ID associated with this account session
ecosystem_id
string The ecosystem ID within which this account resides
public_did
string The public DID associated with this account. This DID is used as "issuer" when signing verifiable credentials
authorized_webhooks
string []Webhook events if any this wallet has authorized
AccountProfile
Device profile containing sensitive authentication data.
This information should be stored securely
Field
Type
Description
profile_type
string The type of profile, used to differentiate between protocol schemes or versions
auth_data
bytes Auth data containg information about the current device access
auth_token
bytes Secure token issued by server used to generate zero-knowledge proofs
protection
TokenProtection Token security information about the token. If token protection is enabled, implementations must supply protection secret before using the token for authentication.
AuthorizeWebhookRequest
Authorize ecosystem to receive wallet events
Field
Type
Description
events
string []Events to authorize access to. Default is "*" (all events)
AuthorizeWebhookResponse
Response to AuthorizeWebhookRequest
ListDevicesRequest
ListDevicesResponse
LoginConfirmRequest
Field
Type
Description
challenge
bytes Login challenge received during the Login call
confirmation_code_hashed
bytes Confirmation code received in email or SMS hashed using Blake3
LoginConfirmResponse
Field
Type
Description
profile
AccountProfile Profile response. This profile may be protected and require unblinding/unprotection using the raw hashed code
LoginRequest
Field
Type
Description
email
string Email account to associate with the login request
invitation_code
string Invitation code associated with this registration
ecosystem_id
string ID of Ecosystem to sign into. Ignored if invitation_code is passed
LoginResponse
Field
Type
Description
challenge
bytes Challenge response. Random byte sequence unique for this login request
profile
AccountProfile Profile response. The login isn't challenged and the token is returned in this call. Does not require confirmation step
RevokeDeviceRequest
RevokeDeviceResponse
SignInRequest
Request for creating or signing into an account
Field
Type
Description
details
AccountDetails Account registration details
invitation_code
string Invitation code associated with this registration
ecosystem_id
string ID of Ecosystem to use Ignored if invitation_code is passed
SignInResponse
Response for creating new account
This object will indicate if a confirmation code
was sent to one of the users two-factor methods
like email, SMS, etc.
Field
Type
Description
confirmation_method
ConfirmationMethod Indicates if confirmation of account is required. This settings is configured globally by the server administrator.
profile
AccountProfile Contains authentication data for use with the current device. This object must be stored in a secure place. It can also be protected with a PIN, but this is optional. See the docs at https://docs.trinsic.id for more information on working with authentication data.
TokenProtection
Token protection info
Field
Type
Description
enabled
bool Indicates if token is protected using a PIN, security code, HSM secret, etc.
method
ConfirmationMethod The method used to protect the token
ConfirmationMethod
Confirmation method type for two-factor workflows
Name
Number
Description
None
0
No confirmation required
Email
1
Email confirmation required
Sms
2
SMS confirmation required
ConnectedDevice
3
Confirmation from a connected device is required
Other
10
Indicates third-party method of confirmation is required
Top
sdk/options/v1/options.proto
ServiceOptions
Configuration for Trinsic SDK Services
Field
Type
Description
server_endpoint
string Trinsic API endpoint. Defaults to prod.trinsic.cloud
server_port
int32 Trinsic API port; defaults to 443
server_use_tls
bool Whether TLS is enabled between SDK and Trinsic API; defaults to true
auth_token
string Authentication token for SDK calls; defaults to empty string (unauthenticated)
default_ecosystem
string Default ecosystem ID to use for various SDK calls; defaults to default
Scalar Value Types
.proto Type
Notes
C++
Java
Python
Go
C#
PHP
Ruby
double
double
float
float64
double
float
Float
float
float
float
float32
float
float
Float
Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint32 instead.
int32
int
int
int32
int
integer
Bignum or Fixnum (as required)
Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint64 instead.
int64
long
int/long
int64
long
integer/string
Bignum
Uses variable-length encoding.
uint32
int
int/long
uint32
uint
integer
Bignum or Fixnum (as required)
Uses variable-length encoding.
uint64
long
int/long
uint64
ulong
integer/string
Bignum or Fixnum (as required)
Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s.
int32
int
int
int32
int
integer
Bignum or Fixnum (as required)
Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s.
int64
long
int/long
int64
long
integer/string
Bignum
Always four bytes. More efficient than uint32 if values are often greater than 2^28.
uint32
int
int
uint32
uint
integer
Bignum or Fixnum (as required)
Always eight bytes. More efficient than uint64 if values are often greater than 2^56.
uint64
long
int/long
uint64
ulong
integer/string
Bignum
Always four bytes.
int32
int
int
int32
int
integer
Bignum or Fixnum (as required)
Always eight bytes.
int64
long
int/long
int64
long
integer/string
Bignum
bool
boolean
boolean
bool
bool
boolean
TrueClass/FalseClass
A string must always contain UTF-8 encoded or 7-bit ASCII text.
string
String
str/unicode
string
string
string
String (UTF-8)
May contain any arbitrary sequence of bytes.
string
ByteString
str
[]byte
ByteString
string
String (ASCII-8BIT)