- Issuing a KYC credential the moment a user passes identity verification
- Issuing an attendance credential when a venue scan detects a fan’s check-in
- Issuing a subscriber tier credential at the end of each billing cycle
- Issuing a loyalty credential triggered by a purchase event
When to Use It vs. Standard Issuance
| Scenario | Use Standard Issuance | Use Issue on Behalf |
|---|---|---|
| User initiates credential claim themselves | Yes | No |
| Credential is triggered by a backend event | No | Yes |
| User is actively logged in at issuance time | Yes | Either |
| User is offline / not in session | No | Yes |
| Zero-friction UX is a requirement | No | Yes |
| KYC completion triggers credential | No | Yes |
| Attendance / purchase / billing events | No | Yes |
| User explicitly clicks “Claim Credential” | Yes | No |
How It Works
- A backend event fires — KYC passed, purchase confirmed, check-in scanned.
- Your server retrieves the target user’s email and signs a Partner JWT.
- Your server calls the Issue on Behalf API endpoint.
- AIR Kit verifies the JWT and queues the credential for on-chain processing.
- Issuance is asynchronous — your server polls a status endpoint until the credential is confirmed on-chain.
- The user presents the credential later at any verifier; no action needed at issuance time.
Prerequisites
Before using Issue on Behalf you need:- Feature activation — Enable Issue on Behalf for your partner account in the Developer Dashboard (Accounts → General).
- Partner ID and Issuer DID — From the Developer Dashboard (Accounts → General).
- Issuance program — A published credential program in the dashboard (Issuer → Programs).
- JWKS endpoint — A public URL serving your RSA public key for JWT verification. See Partner Authentication.
- User email — The email address of the AIR Account receiving the credential.