Skip to content
CredTrail Docs Official credential APIs for higher education
Platform site

OB3 reference

Open Badges 3.0 API

Reference for CredTrail's Open Badges 3.0 endpoints, OAuth flows, and OpenAPI schema.

OpenAPI JSON Automation Wallet import
  • OAuth 2.0 with PKCE
  • OpenAPI schema
  • Credential and profile routes
Reference Key routes
GET

/discovery

Discovery document for standards-aware clients.

GET

/credentials

Credential read access for the authenticated subject.

PUT

/profile

Profile synchronization for issuer-managed records.

Service base URL https://credtrail.org/ims/ob/v3p0
Service URL

https://credtrail.org/ims/ob/v3p0

Base URL for CredTrail’s Open Badges 3.0 service surface and credential records.

Authentication

OAuth 2.0 + PKCE

Authorization code flow with scoped access for credential and profile operations.

Related guide

Institution automation

Use the tenant automation guide for assertion-backed API-key write flows like issue and revoke.

When to use this API

Section titled “When to use this API”
Audience

Institution systems and issuer services

Use this API when a university, department, or partner service needs to synchronize badge records with CredTrail under explicit institutional control.

Coverage

Discovery, credentials, profile, and public verification context

This reference covers the operational API surface while keeping wallet delivery and public badge verification aligned with the same record system.

Use the right surface

OB3 is the standards-based record API, not the tenant automation write queue.

  • Use this page for OB3 discovery, credential reads and writes, profile access, and OAuth details.
  • Use the institution automation guide for x-api-key issue and revoke operations.
  • Use the public verification guide for recipient-facing badge URLs, verification JSON, and downloads.

Credential proof profile

Section titled “Credential proof profile”
Signing profile

CredTrail issues OB3 JSON-LD credentials with W3C Data Integrity proofs.

  • Issued credentials use DataIntegrityProof with cryptosuite: "eddsa-rdfc-2022".
  • Issuer identity is published through did:web documents and tenant key material.
  • Legacy Ed25519Signature2020, JWT-VC, and ecdsa-sd-2023 issuance are outside the v1 proof profile.
  • Structured TrustEd metadata adds the CredTrail TrustEd context when those fields are present.
Registration URL
https://credtrail.org/ims/ob/v3p0/oauth/register
Authorization URL
https://credtrail.org/ims/ob/v3p0/oauth/authorize
Token URL
https://credtrail.org/ims/ob/v3p0/oauth/token
Refresh URL
https://credtrail.org/ims/ob/v3p0/oauth/refresh

OAuth 2.0 + PKCE

Section titled “OAuth 2.0 + PKCE”

Authentication uses OAuth authorization code with PKCE (S256).

Scopes

Section titled “Scopes”
https://purl.imsglobal.org/spec/ob/v3p0/scope/credential.readonly

Permission to read AchievementCredentials for the authenticated entity.

https://purl.imsglobal.org/spec/ob/v3p0/scope/credential.upsert

Permission to create or update AchievementCredentials for the authenticated entity.

https://purl.imsglobal.org/spec/ob/v3p0/scope/profile.readonly

Permission to read the profile for the authenticated entity.

https://purl.imsglobal.org/spec/ob/v3p0/scope/profile.update

Permission to update the profile for the authenticated entity.

Endpoint reference

Section titled “Endpoint reference”
GETPublic

/discovery

Returns the Open Badges 3.0 service description document for compatible clients.

GETOAuth

/credentials

Returns paginated credentials for the authenticated subject.

POSTOAuth

/credentials

Creates or updates an Open Badge credential in CredTrail’s supported OB3 JSON-LD proof profile.

GETOAuth

/profile

Returns the profile resource for the authenticated subject.

PUTOAuth

/profile

Updates the profile resource for the authenticated subject.

Wallet delivery endpoints

Section titled “Wallet delivery endpoints”

These complement OB3 APIs for wallet interoperability and learner import flows.

GETPublic

/.well-known/openid-credential-issuer

Issuer discovery document for wallet clients and OID4VCI-capable tooling.

POSTPublic

/credentials/offer

Creates a credential offer from a public badge identifier for learner import.

POSTPublic

/credentials/v1/token

Exchanges a pre-authorized code for a short-lived OID4VCI access token.

POSTPublic

/credentials/v1/credentials

Returns the credential payload to the authenticated wallet exchange client.

Quick examples

Section titled “Quick examples”
Terminal window
curl -sS https://credtrail.org/ims/ob/v3p0/discovery | jq '.openapi, .info.title'
Section titled “Related docs”
Institution automationQueue issue and revoke operations after your local systems determine learner eligibility.Public verification and downloadsReview the clean public badge routes used by recipients, employers, and auditors.Wallet import and credential exchangeFollow the learner delivery path built on the same credential records.