Issuing W3C Verifiable Credentials From a SQLite Database

This post is a technical guide on how to connect a database to a W3C verifiable credential issuance workflow with the Trinsic SDK.


Many existing companies who build IDtech products look for a way to get user data from a database into a verifiable credential format. Since we’re still early in verifiable credential adoption, tactics like issuing credentials from a database are great for kickstarting an ecosystem and giving users valuable credentials.


We’ll outline six steps below (including relevant JavaScript code snippets) for how you can export data from a database and issue it to a user as a verifiable credential.

6 Steps for Issuing Verifiable Credentials From a Database

  1. Identify your data source
  2. Create a credential template in the Trinsic dashboard
  3. Set up the Trinsic SDK
  4. Query the data from the database
  5. Transform the data into a JSON that maps to the credential template
  6. Issue and send credentials to the user wallets

Identify Your Data Source

In this scenario, imagine you have a small group who have signed up for an event, and you’d like to issue them a verifiable credential to use as their event ticket. We have a very simple database with five users, each with four attributes that looks something like what is shown below. You’ll need to be able to query this database.

Create a Credential Template

In the Trinsic Dashboard, you can create a simple template that includes:


  • Name
  • Email
  • Age
  • Allergies


Make sure the credential template fields map to the information that is in your database. Once your credential template is created, you’ll need to refer to the templateId in a future step.

Set Up the Trinsic SDK

Call the Trinsic service so you can seamlessly sign and issue credentials once you’ve exported and formatted the data. In this scenario, you will be using the issuer auth token.

					import { TrinsicService } from "@trinsic/trinsic";

async function main() {
  // Construct a TrinsicService and configure it with the auth token for your issuer wallet
  const trinsic = new TrinsicService();
  trinsic.setAuthToken("[ISSUER AUTH TOKEN]");

Query the Data From the SQLite Database

You’ll write a short script that queries your database. In our example we’re using a SQLite database and have written some JavaScript shown below:

					// Load the database for this example.
// In this example, we're using SQLite -- your use case will look different depending on your data source.
const db = await open({
  filename: './data/attendees.db',
  driver: sqlite3.Database

// Fetch the data from the database
const attendees = await db.all("SELECT email, name, age, allergies FROM attendees");

Transform the Data Into a JSON That Maps to the Credential Template

Then we loop over each row of user information, storing each property in  credentialValues  that corresponds with the credential template we previously defined. In the next step this JSON blob will be signed and become a verifiable credential.

					for (const attendee of attendees) {
  // Prepare the JSON to issue the credential
  // The key names here must match the key names used when creating the template
  const credentialValues = {
    age: attendee.age,
    allergies: attendee.allergies

Issue and Send Credentials to the User Wallets

Once  credentialValues is set, we call  issueFromTemplate,  referencing the  templateId. This call returns a signed credential.

					 // Issue the credential -- this returns a signed credential, but does not store it in a wallet yet
    const issuedCredential = await trinsic.credential().issueFromTemplate({
      templateId: templateId, // Use your template ID here
      valuesJson: JSON.stringify(credentialValues)

The signed credential can now be sent to a user’s wallet. Even if a user doesn’t have an existing wallet, you can send it to their email, allowing them to access a credential without needing to download a new app or create a new username and password.

					// Store the credential in the attendee's wallet; this will create it if it does not exist.
    await trinsic.credential().send({
      documentJson: issuedCredential.documentJson


As you can imagine, there are many edge cases that may complicate this process. In future walkthroughs we could explore issuing credentials from a CSV file, or issuing credentials to identifiers other than emails, or any other situations that you would find valuable. Let us know by emailing or writing in Slack.


For the full code snippet for this scenario, here’s the GitHub link.

Share Post

Related Posts