The verifiable authorisation to onboard is a verifiable credential that can be issued only by a Trusted Issuer registered in EBSI, and it allows the subject to register a DID Document in the DID Registry.

Load the issuer

Load the keys of the Trusted Issuer:

==> using user ES256K did1 <ISSUER_PRIVATE_KEY_ES256K> <ISSUER_DID>
==> using user ES256 did1 <ISSUER_PRIVATE_KEY_ES256> <ISSUER_DID>

Now connect the wallet with the pilot environment:

==> env pilot

Define VC payload

Create a JSON file with this payload and fill it accordingly:

{
  "@context": ["https://www.w3.org/2018/credentials/v1"],
  "type": [
    "VerifiableCredential",
    "VerifiableAttestation",
    "VerifiableAuthorisationToOnboard"
  ],
  "issuer": "did:ebsi:zZeKyEJfUTGwajhNyNX928z",
  "credentialSubject": {
    "id": "did:ebsi:zzcJJuM4Z4AUKdL8kdMEKNw",
    "accreditedFor": []
  },
  "termsOfUse": {
    "id": "https://api-pilot.ebsi.eu/trusted-issuers-registry/v4/issuers/did:ebsi:zZeKyEJfUTGwajhNyNX928z/14bd0d26f3b05d825b91cede8b31068f4d3a3dfda7673e7d36ecfe9f9d402509",
    "type": "IssuanceCertificate"
  },
  "credentialSchema": {
    "id": "https://api-pilot.ebsi.eu/trusted-schemas-registry/v2/schemas/z3MgUFUkb722uq4x3dv5yAJmnNmzDFeK5UC8x83QoeLJM",
    "type": "FullJsonSchemaValidator2021"
  }
}

Now import it in the CLI tool:

==> payloadVcOnboard: load path-to-file.json

Create and sign the VC

Finally, use this payload to create and sign the VC:

==> compute createVcJwt payloadVcOnboard {} ES256

Please note that this credential is signed with the ES256 key, not the ES256K key.

Congratulations!

You have issued a verifiable credential to onboard. Now you can share the credential with the legal entity to be able to register the DID.