multipaz/org.multipaz.provisioning/AbstractDocumentProvisioningHandler/getPendingKeyBoundCredentials

getPendingKeyBoundCredentials

abstract suspend fun getPendingKeyBoundCredentials(document: Document, credentialMetadata: CredentialMetadata, issuerMetadata: ProvisioningMetadata, createKeySettings: CreateKeySettings): List<SecureAreaBoundCredential>

Gets the pending key-bound credentials for a document.

Provisioning will call Credential.certify method on these credentials once the data comes from the issuer. When pending credentials are created, it is very important that their keys are created with appropriate settings, as this is what anchors the whole security model of Digital Credential ecosystem. Parameter createKeySettings should be seen as providing the minimal requirements. In particular, CreateKeySettings.algorithm should and CreateKeySettings.nonce must be honored. In some cases, implementations may want or need to use custom and/or SecureArea-specific CreateKeySettings to have better control over key properties.

It is up to the implementation to determine the number of credentials to create, but it should generally not exceed issuer limit given in CredentialMetadata.maxBatchSize.

Return

a list of pending key-bound credentials, if any.

Parameters

document

Document for which credentials are being issued.

credentialMetadata

information about credentials being issued.

issuerMetadata

information about the issuer of the credential.

createKeySettings

suggested settings for the key to which credentials are bound.

Generated by Dokka
© 2026 Copyright