When you select an agent from the Agency Account Dashboard, you will be immediately taken into the Agent Details General page. This page is largely informational. The Welcome Banner contains a great set of getting started information for all types of users, including how to acquire the IBM Verify Credentials mobile app and browser extension and where to try them out on live, running issuers and verifiers.
Directly below the page title, you'll see a section that contains data specific to your agent:
|Agent Name||Display name of your agent.|
|Agent DID||Public DID of the agent. If this agent becomes an issuer, this DID will represent it on the public ledger|
|Agent Role||Set to
|Agent URL||The URL for this agent. You may need this URL in order to associate a mobile device with this agent, or to provide this URL to others in order for their agents to connect to yours.|
When a device is associated with your agent, the agent is given information about the device so that it can notify the device in case there are significant events that happen while the agent is running. Some of these events that an agent may experience are invitations to connect to someone else, offers for verifiable credentials and requests for information. Once you are notified, you'll have the opportunity to accept or reject such offers.
Add a device
To associate a mobile device with an agent, agent information such as the agent name, Agent URL and password will all need to be provided to the mobile app. This allows the mobile app to manage and act on your agent on your behalf. By clicking on the Add device button at the top of the Registered Devices table, you'll be presented with two paths:
- Scan QR Code
- Manual Entry
If you click on Scan QR Code, you'll be shown a QR code with the agent information mentioned above encoded within it. A mobile app can scan this QR code, extract the agent information, and configure itself to use this information to interact with the agent.
If you select the Manual Entry route, the slideout will show the Agent URL, name and password so that you can be easily find the information that you'll need to provide to your mobile device. The agent name and password are also necessary pieces of information should you be a developer who'd like to interact with your agent at the API level.
Delete a device
Should you decide that you would no longer like such notifications to be sent to your device, in the Registered Devices table you may select that device's checkbox then click on the delete icon at the top of the table. You'll then be asked to confirm.
To confirm, just provide the device's name in the Device name textfield. You can either manually enter the name or copy it to the system clipboard and paste it into the field. When you are ready, select the Remove button to delete the device from the table.
After you selected this agent and entered the agent details view for this agent, the context changed from that of the agency to that of a single agent. With this change the menu items that display in the profile drop down menu have also changed.
In order to leave the agent details view and return to the Agency Account Dashboard, select the Account Dashboard menu item. This will return you to your Agency Account Dashboard and display the complete list of agents in this account. Similarly, you could also click on the product name, IBM Verify Credentials, in the upper left corner of the page. This will also navigate you to your Agency Account Dashboard.
If you run into issues and would like to make us aware of them, please use the Support menu item. You can see more information on reporting issues in the Agency Account Dashboard help.
When you created your account, you agreed to a set of terms and conditions regarding our offerings. If you'd care to review them again, select Terms and Conditions from the user profile menu. A new browser window or tab will open in the web browser displaying the Terms and Conditions document.
To logout of the Agency Account Dashboard, select Logout from the User Menu on any page.
Note: The logout action will log the user out of IBM ID. Other tabs in this web browser using IBM ID may require you to login again to continue using them.
The cornerstone to Verifiable Credentials lies in the relationships that each entity has with other entities. An issuer creates credentials for others based on information that the issuer has gained about the other party during their relationship. Provers decide what information to share with a verifier based on the trust in their relationship. Since all exchanges of information between agents flows through connections, the easiest way to view the current relationships that an agent has is by looking at the agent's connections.
When you enter the Connections page, you may notice a Pending Notifications tag near the Connections title. This tag appears here if the agent has received any connection offers that haven't been processed, yet. You can see all notifications by going to the Notifications page.
There are two states that a connection may be in when it appears in the Connections table,
rejected. If a connection offer from another party was accepted, the state of the connection will be
connected. And if a connection offer was rejected, the connection will be in the
rejected state. Rejected connections are unable to carry any information. Connection offers (
inbound_request state), as mentioned previously, can be found on the Notifications page.
|outbound_offer||offerer||Offerer has extended a connection offer|
|inbound_offer||offeree||Offeree has received a connection offer|
|rejected||both||Connection offer has been rejected by the offeree|
|connected||both||Connection has been accepted by the offeree|
View Connection Details
While most users will have no need to see the details of a connection, this may be of benefit to developers. If you click on the
: for a connection in the right-most column of the table, you will see the actions that can be performed on the connection. Currently users are only allowed to export information about a connection. To generate a .json file with the details of a connection, click on the Export action. The browser will then download a .json file containing the connection details.
The connection will remain available to both parties (both the entity that offered the connection and the entity that accepted it) until it is deleted. When one of the parties deletes the connection, the other agent will be notified of the deletion so that it may also clean up the resources dedicated to the connection. Once the connection is gone, the agent will no longer have a record of the relationship. However, artifacts (credentials, proof responses, etc) that travelled over that connection and are associated with that relationship will remain. Any credentials from the relationship will still work however any offers still pending from the relationship will no longer be able to be accepted or rejected.
To delete a connection, select the connection by clicking on the checkbox corresponding to the connection. Then click on the delete button at the top of the table. You will be presented with the Delete connection slideout. To confirm that you really want to delete the connection, copy + paste the connection name, or manually enter it, into the Connection name field. Then click on the Delete button to delete the connection.
Pending offers that have been extended to an agent can be viewed on the Notifications page. Offers that are capable of being accepted or rejected, such as connection offers, are displayed with the appropriate buttons. In order to see more information on the offer, click on the Click to view details text in the message. The message will be expanded and the details will be displayed.
Some offers can not be simply accepted. For example, verification requests. Such notifications will appear here with a View button. These notifications will remain until they are processed by a user using an endpoint (mobile device or browser extension).
Similar to the Connections page, when you enter the Credentials page, you may notice a Pending Notifications tag near the Credentials title. This tag appears here if the agent has received a credential offer that hasn't been processed, yet. You can see all notifications by going to the Notifications page.
A credential may be in one of many states:
|outbound_request||holder||Holder has asked an issuer to send a credential offer|
|inbound_request||issuer||Issuer has received a request for a credential offer from a potential holder|
|outbound_offer||issuer||Issuer has sent this credential offer|
|inbound_offer||holder||Holder has received this credential offer|
|accepted||holder||Holder has accepted the credential offer|
|issued||issuer||Issuer has issued this credential since the credential offer was accepted|
|stored||holder||Holder has stored this credential after it was issued|
Note: Credential table currently only shows credentials with holder roles. Credentials with state
inbound_offerare visible on the Notifications page.
View Credential Details
In order to see more information on a credential entry, just select the item from the table. A slideout will appear that itemizes the attributes in the credential and displays their values.
You may delete a credential at any time. For example, when a credential has expired.
To delete a credential, select the credential by clicking on the checkbox corresponding to the credential. Then click on the delete button at the top of the table. You will be presented with the Delete credential slideout. To confirm that you really want to delete the credential, copy + paste the credential name, or manually enter it, into the Credential name field. Then click on the Delete button to delete the credential.
The Settings page allows you to manage your agent's password, request that your agent be allowed to issue verifiable credentials, or delete your agent.
When you delete an agent, you are deleting all of the data contained in the agent's wallet as well as the artifacts (connections, credentials, etc) associated with the agent. However, if your agent was an issuer, any artifact associated with the agent on the ledger (public DID, public key, credential definitions, credential schemas) will continue to exist as long as the ledger exists. This ensures that any credentials created by your agent can still be verified when presented to a verifier.
To delete an agent, click on the Delete agent button on the Settings page. You will be presented with the Delete agent slideout. To confirm that you really want to delete the agent, copy + paste the agent name, or manually enter it, into the agent name field. Then click on the Delete button to delete the agent.
Make an Agent an Issuer
In the world of Self Sovereign Identity, verifiable credentials carry attestations issued by an issuer. Due to the underlying design, it can be proven that a particular issuer made these claims about the subject of the credential. However, none of this provides any value to the credential holder unless the holder, and the other participants in the ecosystem that may later verify proofs containing the credential, can trust that the issuer is who they say they are.
By clicking on the Make this agent an Issuer button on the Settings page, you are asking the participants on the network to recognize you for who you are and to grant you the right to issue verifiable credentials. Initially, this may be a formality and the rights to issue may be granted quickly if not immediately. However, eventually, a process will be followed where those interested in becoming an issuer will be vetted and must prove who they are. Once the network has accepted this agent as an issuer, its public DID and public key will be written to the ledger and given the role of issuer on the ledger. At this point the agent may publish credential schemas and credential definitions to the ledger and begin creating credentials based on schemas registered on the ledger.
Change Agent Password
Each agent is initially created with a randomly generated password. If you would like to have a password that is easier for you to remember or if you feel that your password has been compromised, changing your password is easy.
Click on the Change password button. A slideout named New Agent password will appear. Enter your new password in the New password field. If you'd like to fill the field with a randomized password, click on the Autogenerate password button. Click on the Save new password button on the slideout to save this new password.
Note: changing your agent password will result in any mobile devices associated with this agent being no longer able to manage and work with this agent. You can update this agent's password on your IBM Verify Credentials mobile app by following the directions here. Or you can delete your device association with this agent and re-add the device to create a new association with the device and this agent.