> ## Documentation Index
> Fetch the complete documentation index at: https://docs.humanos.tech/llms.txt
> Use this file to discover all available pages before exploring further.

# Issue VP

> Build and sign a W3C Verifiable Presentation for a stored credential. The API key must belong to the credential owner (its DID must be on the mandate authorizedDIDs). Optionally pass `targetVerifier` in the request body — the verifier domain, e.g. "organization.com" — to bind the VP to that audience via proof.domain and a challenge nonce; omit it for an unbound VP.



## OpenAPI

````yaml /versions/2026-07-06.yaml post /credential/vp/{vcId}
openapi: 3.1.0
info:
  title: Humanos API
  description: Humanos API
  version: '1.0'
  contact: {}
servers: []
security: []
tags:
  - name: humanosApp
    description: ''
paths:
  /credential/vp/{vcId}:
    post:
      tags:
        - Credentials
      summary: Issue VP
      description: >-
        Build and sign a W3C Verifiable Presentation for a stored credential.
        The API key must belong to the credential owner (its DID must be on the
        mandate authorizedDIDs). Optionally pass `targetVerifier` in the request
        body — the verifier domain, e.g. "organization.com" — to bind the VP to
        that audience via proof.domain and a challenge nonce; omit it for an
        unbound VP.
      operationId: credentials_issueVP
      parameters:
        - name: vcId
          required: true
          in: path
          description: URN of the credential to present.
          schema:
            example: urn:via:credential:550e8400-e29b-41d4-a716-446655440000
            type: string
        - $ref: '#/components/parameters/ApiVersion'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreatePresentationDto'
      responses:
        '201':
          description: Signed Verifiable Presentation and VP_CREATED receipt.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PresentationEntity'
        '400':
          description: >-
            Credential is not in a presentable state (not ACTIVE, expired, or
            not yet valid).
          content:
            application/json:
              schema:
                type: object
                properties:
                  statusCode:
                    type: number
                    example: 400
                  message:
                    type: string
                    example: Credential is not ACTIVE / expired / not yet valid
                  error:
                    type: string
                    example: Bad Request
        '403':
          description: >-
            The API key does not own this credential — its DID is not on the
            mandate authorizedDIDs.
          content:
            application/json:
              schema:
                type: object
                properties:
                  statusCode:
                    type: number
                    example: 403
                  message:
                    type: string
                    example: Credential is not accessible by this API key
                  error:
                    type: string
                    example: Forbidden
        '404':
          description: Credential not found.
          content:
            application/json:
              schema:
                type: object
                properties:
                  statusCode:
                    type: number
                    example: 404
                  message:
                    type: string
                    example: Credential not found
                  error:
                    type: string
                    example: Not Found
components:
  parameters:
    ApiVersion:
      name: API-Version
      in: header
      required: false
      schema:
        type: string
        pattern: ^\d{4}-\d{2}-\d{2}$
        example: '2026-07-06'
      description: >-
        Pin request, response, and webhook shapes to a specific dated API
        version (YYYY-MM-DD). Omit to use the version pinned to your API key
        (set when the key is created; new keys default to the latest version).
        New integrations should target the latest version.
  schemas:
    CreatePresentationDto:
      type: object
      properties:
        targetVerifier:
          type: string
          description: >-
            Domain or subdomain of the intended verifier (e.g.
            "organization.com"). When provided, the VP is bound to this audience
            via proof.domain and a challenge nonce.
          example: organization.com
    PresentationEntity:
      type: object
      properties:
        presentation:
          type: object
          description: >-
            Signed W3C Verifiable Presentation (@context, type, holder,
            verifiableCredential, proof), exactly as returned by POST
            /credential/vp/:vcId — do not re-serialize or modify it.

            Provide this or `presentationEncoded` (at least one is required;
            `presentationEncoded` overrides and is recommended, since a base64
            string avoids JSON formatting changes that can break the signature).
          example:
            '@context':
              - https://www.w3.org/ns/credentials/v2
              - https://via.humanos.dev/ns/v1
            type:
              - VerifiablePresentation
            holder: did:web:humanos.tech:org:550e8400-e29b-41d4-a716-446655440000
            verifiableCredential:
              '@context':
                - https://www.w3.org/ns/credentials/v2
                - https://via.humanos.dev/ns/v1
              id: urn:via:credential:550e8400-e29b-41d4-a716-446655440000
              type:
                - VerifiableCredential
                - VIAMandate
              issuer: did:web:humanos.tech
              validFrom: '2025-01-01T00:00:00Z'
              validUntil: null
              credentialSubject:
                id: did:web:humanos.tech:org:550e8400-e29b-41d4-a716-446655440000
                mandate:
                  grantor: >-
                    did:web:humanos.tech:user:7c9e6679-7425-40de-944b-e07fc1f90ae7
                  scope: humanos.credential.request
                  context:
                    authorizedDIDs:
                      - >-
                        did:web:humanos.tech:org:550e8400-e29b-41d4-a716-446655440000
                      - >-
                        did:web:humanos.tech:user:7c9e6679-7425-40de-944b-e07fc1f90ae7
              evidences:
                - id: urn:via:evidence:9b2e4f1a-3c7d-4e8a-bf12-2a6c5d8e0f34
                  digestSRI: sha256-abc123
                  location: >-
                    https://api.humanos.dev/credential/evidence/urn:via:evidence:9b2e4f1a-3c7d-4e8a-bf12-2a6c5d8e0f34
            proof:
              type: DataIntegrityProof
              cryptosuite: eddsa-jcs-2022
              created: '2026-05-02T10:15:30.000Z'
              verificationMethod: did:web:humanos.tech#key-1
              proofPurpose: authentication
              proofValue: z2pcVdSdoMTrkYP9rVdz...
        presentationEncoded:
          type: string
          description: >-
            Base64-encoded JSON of the signed Verifiable Presentation above.

            Pass it back to POST /credential/verify as `presentationEncoded`
            (recommended) to avoid signature failures caused by JSON
            re-serialization in some HTTP clients.
          example: >-
            eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvbnMvY3JlZGVudGlhbHMvdjIiXX0=
        receipt:
          description: VP_CREATED receipt issued for this presentation
          allOf:
            - $ref: '#/components/schemas/ReceiptEntity'
      required:
        - presentation
        - presentationEncoded
        - receipt
    ReceiptEntity:
      type: object
      properties:
        id:
          type: string
          example: urn:via:receipt:c4bb2c9d-9b37-448b-8f1a-4ac5793945be
          description: Receipt URN
        timestamp:
          type: string
          example: '2026-05-02T10:15:30.000Z'
          description: Receipt issuance timestamp (ISO 8601)
      required:
        - id
        - timestamp

````