> ## Documentation Index
> Fetch the complete documentation index at: https://docs.humanos.tech/llms.txt
> Use this file to discover all available pages before exploring further.

# Credential Event

> Fired when a credential request is accepted or rejected by the subject.

**Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.



## OpenAPI

````yaml /versions/2026-07-06.yaml post /_webhooks/credential
openapi: 3.1.0
info:
  title: Humanos API
  description: Humanos API
  version: '1.0'
  contact: {}
servers: []
security: []
tags:
  - name: humanosApp
    description: ''
paths:
  /_webhooks/credential:
    post:
      tags:
        - Webhooks
      summary: Credential Event
      description: >-
        Fired when a credential request is accepted or rejected by the subject.


        **Inbound webhook callback** — Humanos POSTs this payload to your
        registered webhook URL. This is not an endpoint you call; it is
        documented as a path so SDK code generators emit a typed payload model.
      operationId: webhooks_credential
      parameters:
        - $ref: '#/components/parameters/ApiVersion'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CredentialEvent'
      responses:
        '200':
          description: Webhook received successfully
components:
  parameters:
    ApiVersion:
      name: API-Version
      in: header
      required: false
      schema:
        type: string
        pattern: ^\d{4}-\d{2}-\d{2}$
        example: '2026-07-06'
      description: >-
        Pin request, response, and webhook shapes to a specific dated API
        version (YYYY-MM-DD). Omit to use the version pinned to your API key
        (set when the key is created; new keys default to the latest version).
        New integrations should target the latest version.
  schemas:
    CredentialEvent:
      type: object
      properties:
        eventType:
          type: string
          enum:
            - credential
        requestId:
          type: string
        internalId:
          type: string
        issuerDid:
          type: string
        user:
          type: object
          properties:
            contact:
              type: string
            id:
              type: string
            internalId:
              type: string
          required:
            - contact
            - id
          additionalProperties: false
        api_version:
          type: string
        credential:
          $ref: '#/components/schemas/CredentialEntity'
        decision:
          type: object
          properties:
            action:
              $ref: '#/components/schemas/DeliveryActionType'
            date:
              type: string
              format: date-time
          required:
            - action
            - date
          additionalProperties: false
      required:
        - api_version
        - credential
        - decision
        - eventType
        - issuerDid
        - requestId
        - user
      additionalProperties: false
    CredentialEntity:
      type: object
      properties:
        id:
          type: string
          description: URN of the credential.
          example: urn:via:credential:550e8400-e29b-41d4-a716-446655440000
        name:
          type: string
          description: Human-readable name of the credential; null when unset.
          example: Credential Name
        description:
          type: string
          description: Free-text description of the credential; null when unset.
          example: Document to be requested on onboarding
        internalId:
          type: string
          description: >-
            Identifier to help you identify the credential in your own system.
            We recommend using a unique value.
          example: internal-12345
        resourceType:
          type: string
          description: >-
            The type of resource for this credential (e.g., DOCUMENT, CONSENT,
            FORM)
          example: DOCUMENT
        status:
          type: string
          description: The status of the credential
          example: DRAFT
          enum:
            - DRAFT
            - ACTIVE
            - REJECTED
            - CANCELED
            - REVOKED
            - EXPIRED
        tags:
          description: Free-form labels attached to the credential.
          example:
            - onboarding
            - kyc
          type: array
          items:
            type: string
        w3cCredential:
          type: object
          description: >-
            The W3C Verifiable Credential following the VIA protocol
            specification.


            While the credential is in DRAFT status, this object is in building
            mode:

            evidences, proofs, and other fields may still be attached or
            modified as

            grantors review and decide. The `proofs` array will be empty at this
            stage.


            Once all grantors have accepted (or the request window expires), the
            status

            transitions out of DRAFT and cryptographic signature proofs are
            attached.

            At that point the credential is fully sealed and can be passed for

            verification as defined by the VIA protocol.
          example:
            '@context':
              - https://www.w3.org/ns/credentials/v2
              - https://via.humanos.dev/ns/v1
            id: urn:via:credential:550e8400-e29b-41d4-a716-446655440000
            type:
              - VerifiableCredential
              - VIAMandate
            issuer: did:web:humanos.tech
            validFrom: '2025-01-01T00:00:00Z'
            validUntil: null
            credentialSubject:
              id: did:web:humanos.tech:org:550e8400-e29b-41d4-a716-446655440000
              mandate:
                grantor: did:web:humanos.tech:user:7c9e6679-7425-40de-944b-e07fc1f90ae7
                scope: humanos.credential.request
                context:
                  authorizedDIDs:
                    - >-
                      did:web:humanos.tech:org:550e8400-e29b-41d4-a716-446655440000
                    - >-
                      did:web:humanos.tech:user:7c9e6679-7425-40de-944b-e07fc1f90ae7
            evidences:
              - id: urn:via:evidence:9b2e4f1a-3c7d-4e8a-bf12-2a6c5d8e0f34
                digestSRI: sha256-abc123
                location: >-
                  https://api.humanos.dev/credential/evidence/urn:via:evidence:9b2e4f1a-3c7d-4e8a-bf12-2a6c5d8e0f34
            proofs:
              - type: DataIntegrityProof
                cryptosuite: eddsa-jcs-2022
                verificationMethod: did:web:example.com#key-1
                created: '2026-05-02T10:15:30.000Z'
                proofPurpose: assertionMethod
                proofValue: z2pcVdSdoMTrkYP9rVdz...
                action: ISSUE
                actionProof: sha256-9b2e4f1a3c7d4e8abf122a6c5d8e0f34abc123def456...
              - type: DataIntegrityProof
                cryptosuite: eddsa-jcs-2022
                verificationMethod: >-
                  did:web:humanos.tech:user:7c9e6679-7425-40de-944b-e07fc1f90ae7#key-1
                created: '2026-05-02T10:15:30.000Z'
                proofPurpose: assertionMethod
                proofValue: z2pcVdSdoMTrkTCXzp...
                action: ACCEPT
                actionProof: sha256-9b2e4f1a3c7d4e8abf122a6c5d8e0f34abc123def457...
              - type: DataIntegrityProof
                cryptosuite: eddsa-jcs-2022
                verificationMethod: did:web:humanos.tech#key-1
                created: '2026-05-02T10:15:30.000Z'
                proofPurpose: assertionMethod
                proofValue: z2pcVdSdoMTrkTRrXdz...
                action: STAMP
                actionProof: sha256-9b2e4f1a3c7d4e8abf122a6c5d8e0f34abc123def458...
        decisions:
          description: >-
            Whether each grantor accepted or rejected the credential and
            information about the grantor contact. The `id` field carries the
            grantor's DID. Always an array (empty when there are no decisions
            yet).
          example:
            - id: did:web:humanos.tech:user:7c9e6679-7425-40de-944b-e07fc1f90ae7
              contact: grantor@example.com
              accepted: true
              decidedAt: '2025-06-01T12:00:00.000Z'
          type: array
          items:
            type: array
      required:
        - id
        - resourceType
        - status
        - w3cCredential
        - decisions
    DeliveryActionType:
      type: string
      enum:
        - accept
        - reject

````