[null,null,["最后更新时间 (UTC):2025-07-26。"],[],[],null,["# Overview of digital credentials\n\nDigital credentials are cryptographically verifiable documents that can be used\nto authenticate, authorize, or otherwise provide information about a user. These\nare typically things such as mobile driver's licenses, digital passports,\nboarding passes, etc. They reside in virtual containers called digital wallets,\nand are part of a W3C standard that specifies how to access and retrieve them.\nThis standard is implemented for web use cases with the\n[W3C Credential Management API](https://www.w3.org/TR/credential-management-1/) and on Android, with Credential\nManager's [DigitalCredential API](/reference/kotlin/androidx/credentials/DigitalCredential).\n\nUnderstand digital credentials\n------------------------------\n\nIn the physical world, a person might keep their identity in their wallet, and\npresent it to a requesting party when asked:\n**Figure 1.** The process of fulfilling a physical-world credential request. The requestor asks the user for a specific credential. Then, the user selects and retrieves it from their physical wallet. Finally, the user provides the credential to the requestor.\n\nIn this case, a user generally has a single wallet, and retrieves the requested\ncredential(s) from the wallet to present to the requestor. Wallets are mostly\ninterchangeable, and can generally store the same things.\n\nDigital credentials have a few main differences:\n\n1. Users are expected to have multiple wallets which can contain various different credentials. Wallets determine which credentials may be stored inside of them.\n2. The requestor is now an application rather than a real person, and is referred to as a verifier.\n3. The credential presentation happens in software, which means an API surface retrieves and presents the credentials - in Android, this is Credential Manager.\n\nAs such, Credential Manager takes on several roles that were formerly handled by\nthe user:\n\n1. On Android, Wallets must register their credentials metadata with Credential Manager to be listed in the Credential Manager UI.\n2. Credential Manager matches credentials across wallets based on the request and presents a list for the user to select.\n3. When the user selects a credential in the list, Credential Manager then invokes the wallet, which will handle the remainder of the transaction (showing UIs, etc.) and return the credential to the application.\n\nThis flow is shown here:\n**Figure 2.** Interaction model for digital credential verification. Credential Manager uses pre-registered credentials metadata across user wallet(s) to match a verifier's request and prompts the user to select a credential. Credential Manager then directs the activity flow to the corresponding wallet which handles the remainder of the transaction and returns the credential to the verifier. Note: The verifier needs to handle and verify the credential response once it is returned.\n\n### User experience\n\nAs shown in the Android flow, the user only needs to interact once with the\nCredential Manager UI to select the appropriate credential. Here is an example\nof how the selector looks:\n**Figure 3.** The digital credentials UI.\n\n### Standards\n\nDigital credentials requests are created using the [OpenID4VP\nstandard](https://openid.net/specs/openid-4-verifiable-presentations-1_0.html#name-introduction). You can see example requests at the\n[Digital Credentials Demo site](https://digital-credentials.dev/).\n\nDigital credential responses are typically returned in a standardized credential\nformat. These are maintained by different standards bodies, and include\n[W3C Verifiable Credentials](https://www.w3.org/TR/vc-data-model-2.0/), [sd-jwt](https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/), and\n[mdoc](https://www.iso.org/standard/69084.html).\n\nCustom protocols are also feasible, though we recommend using one of the\nstandard protocols in your application.\n\n### Try it out\n\nYou can test out the digital credentials flow across platforms with an Android\nwallet and web-based verifier:\n\n1. Install the [CMWallet public sample](https://github.com/digitalcredentialsdev/CMWallet) on your Android phone. You can do this by pulling from the repository and installing directly from Android Studio or navigating to \u003chttps://github.com/digitalcredentialsdev/CMWallet/actions\u003e and selecting the latest build to access the latest `app-debug.apk` file.\n2. Open the CMWallet to register the metadata with Credential Manager. Make sure Bluetooth is enabled to allow your devices to connect to each other.\n3. Navigate to \u003chttps://digital-credentials.dev/\u003e and select `Request Credentials (OpenID4VP)`.\n4. Accept the warning prompts and scan the QR Code with your phone, then select \"Use passkey\" and tap through the confirmation to show the available credentials.\n5. Select the credential from CMWallet to return to the browser. The browser should show the returned credential.\n\n### See also\n\n- To learn more about using Credential Manager to request digital credentials in your app, read the [Credential Manager - Verifier API](/identity/digital-credentials/credential-verifier) page.\n- To learn more about building a digital wallet using Credential Manager, read the [Credential Manager - Holder API](/identity/digital-credentials/credential-holder) page."]]