Skip to main content

Metadata

The metadata endpoint is a required endpoint that provides essential configuration information about the credential issuer.

This endpoint lets GOV.UK Wallet and verifiers dynamically learn information about the credential issuer, such as:

  • the endpoints used in the issuance flow
  • the supported credential types
  • how credentials should be displayed in the wallet

Technical details

Endpoint location

The metadata must be publicly accessible at the standardised location /.well-known/openid-credential-issuer on the credential issuer’s domain. The data published is non-sensitive metadata about the service.

Response format

The endpoint must return a 200 OK HTTP status code and valid JSON response that follows the OID4VCI specification.

The metadata must include the following parameters:

  • credential_issuer: The URL of the credential issuer.
  • authorization_servers: An array of URLs for the authorisation servers the credential issuer relies on for authorisation. This must be set to the GOV.UK One Login URL.
  • credential_endpoint: The URL of the credential issuer’s credential endpoint, where credentials can be obtained.
  • credential_configurations_supported: An object describing the credentials offered by the credential issuer.

If your credential issuer implements the optional notification endpoint, then the metadata must include the notification_endpoint parameter.

You can define and use additional metadata parameters.

Credential information

The credential_configurations_supported object contains key/value pairs, where each key is a unique identifier of a verifiable credential supported by the credential issuer and the value is the configuration of that verifiable credential.

Each credential object in credential_configurations_supported must include the following parameters:

  • format
  • credential_definition
  • cryptographic_binding_methods_supported
  • credential_signing_alg_values_supported
  • proof_types_supported

There is more information about the credential_configurations_supported parameter.

Metadata example

Below is an example of a credential issuer metadata:

{
  "credential_issuer": "https://example-credential-issuer.gov.uk",
  "authorization_servers": ["https://token.account.gov.uk"],
  "credential_endpoint": "https://example-credential-issuer.gov.uk/credential",
  "notification_endpoint": "https://example-credential-issuer.gov.uk/notification",
  "credential_configurations_supported": {
    "FishingLicenceCredential": {
      "format": "jwt_vc_json",
      "credential_definition": {
        "type": [
          "VerifiableCredential",
          "FishingLicenceCredential"
      ]},
      "cryptographic_binding_methods_supported": [
        "did"
      ],
      "credential_signing_alg_values_supported": [
        "ES256"
      ],
      "proof_types_supported": {
        "jwt": {
          "proof_signing_alg_values_supported": [
            "ES256"
          ]
        }
      }
    }
  }
}
This page was last reviewed on 3 April 2025. It needs to be reviewed again on 3 October 2025 .