Configure trusted issuers
Configure trusted entities who can issue verifications via API.
This guide explains how to configure trusted issuers via API - entities authorized by your organization to issue verifications that are automatically recognized for compliance purposes.
For the web interface approach, see the user guide.
Prerequisites
- Platform URL (e.g.,
https://your-platform.example.com) - API key from a user with the Claim Policy Manager role (see Getting Started for API key setup)
- Wallet verification method enabled on your account (e.g., pincode or 2FA)
- Understanding of your compliance requirements
- Wallet address of the user you want to make a trusted issuer
About trusted issuers
Trusted issuers are entities authorized by your organization to issue verifications that are automatically recognized for compliance purposes. For background on how the verification system works, see Compliance Overview.
Organization-specific trust
Trust relationships are specific to your organization. An issuer trusted by Organization A may not be trusted by Organization B for the same verification topics.
Available verification topics
The platform comes with preset verification topics for common compliance scenarios. Each topic has a unique topicId and a signature defining the data structure for that verification type.
Custom verification topics
These are preset topics included with the platform. You can create additional custom verification topics to meet your specific compliance requirements.
Investor verification topics
| Topic Name | Signature | Purpose |
|---|---|---|
knowYourCustomer | string claim | Basic KYC verification |
accreditedInvestor | string claim | Accredited investor status |
accreditedInvestorVerified | string claim | Verified accredited investor |
qualifiedInstitutionalInvestor | string claim | Qualified institutional buyer (QIB) |
professionalInvestor | string claim | Professional investor status |
antiMoneyLaundering | string claim | AML compliance verification |
regulationS | string claim | Regulation S (non-US investor) compliance |
Issuer verification topics
| Topic Name | Signature | Purpose |
|---|---|---|
issuerLicensed | string licenseType, string licenseNumber, string jurisdiction, uint256 validUntil | Issuer licensing status |
issuerJurisdiction | string jurisdiction | Issuer jurisdiction |
issuerProspectusFiled | string prospectusReference | Prospectus filing |
issuerProspectusExempt | string exemptionReference | Prospectus exemption |
issuerReportingCompliant | bool compliant, uint256 lastUpdated | Reporting compliance |
Asset verification topics
| Topic Name | Signature | Purpose |
|---|---|---|
assetClassification | string class, string category | Asset classification |
assetLocation | string city, string districtCode, string areaId | Asset location |
assetIssuer | address issuerAddress | Asset issuer identity |
basePrice | uint256 amount, string currencyCode, uint8 decimals | Base price information |
collateral | uint256 amount, uint256 expiryTimestamp | Collateral details |
contractIdentity | address contractAddress | Contract identity |
uniqueIdentifier | string identifier | Unique identifier |
Topic IDs
Each topic has a unique large numeric topicId (e.g.,
26984799302505749158794800959285050858086405868089409909048783980951278841746). Use the GET /api/system/claim-topics endpoint to retrieve the exact topic IDs for your platform.
Configuring trusted issuers
Get issuer's identity address
First, you need the identity contract address of the user you want to make a trusted issuer. If you have their wallet address, query their identity:
curl -X GET "https://your-platform.example.com/api/system/identity/by-wallet/0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb" \
-H "X-Api-Key: YOUR_API_KEY"Response:
{
"id": "0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890",
"account": {
"id": "0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb",
"contractName": null
},
"isContract": false,
"hasIdentity": true,
"claims": []
}Important: Use the id field (identity CONTRACT address), not the account.id (wallet address).
List available verification topics
Query the available verification topics to identify which topics you want this issuer to be trusted for:
curl -X GET "https://your-platform.example.com/api/system/claim-topics" \
-H "X-Api-Key: YOUR_API_KEY"Response:
[
{
"id": "0x534b8f03c16c92c70d1da1d2fae43b98352bf3d7...",
"topicId": "26984799302505749158794800959285050858086405868089409909048783980951278841746",
"name": "knowYourCustomer",
"signature": "string claim",
"registry": {
"id": "0x534b8f03c16c92c70d1da1d2fae43b98352bf3d7"
}
},
{
"id": "0x534b8f03c16c92c70d1da1d2fae43b98352bf3d7...",
"topicId": "15733030998618876990024220391915773205162379317494393310546829862321881862123",
"name": "accreditedInvestor",
"signature": "string claim",
"registry": {
"id": "0x534b8f03c16c92c70d1da1d2fae43b98352bf3d7"
}
},
{
"id": "0x534b8f03c16c92c70d1da1d2fae43b98352bf3d7...",
"topicId": "39526553109170329799339511574661256630735485618560740361645615581310848276505",
"name": "qualifiedInstitutionalInvestor",
"signature": "string claim",
"registry": {
"id": "0x534b8f03c16c92c70d1da1d2fae43b98352bf3d7"
}
}
// ... additional topics available
]Note the topicId values for the topics you want to assign to this issuer. See Available verification topics above for the complete list.
Add trusted issuer
Create the trusted issuer by specifying their identity address and the verification topic IDs they can issue:
curl -X POST "https://your-platform.example.com/api/system/trusted-issuers" \
-H "X-Api-Key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"issuerAddress": "0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890",
"claimTopicIds": [
"26984799302505749158794800959285050858086405868089409909048783980951278841746",
"15733030998618876990024220391915773205162379317494393310546829862321881862123"
],
"walletVerification": {
"secretVerificationCode": "YOUR_PINCODE"
}
}'Response:
{
"txHash": "0x1234567890abcdef...",
"issuerAddress": "0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890"
}Multiple verification topics
You can assign multiple verification topics in a single request by including multiple topic IDs in the claimTopicIds
array.
Verify completion
Query the trusted issuers list to confirm the issuer was added with the correct verification topics:
curl -X GET "https://your-platform.example.com/api/system/trusted-issuers" \
-H "X-Api-Key: YOUR_API_KEY"Response:
[
{
"id": "0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890",
"account": {
"id": "0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb"
},
"claimTopics": [
{
"id": "0x534b8f03c16c92c70d1da1d2fae43b98352bf3d7...",
"topicId": "26984799302505749158794800959285050858086405868089409909048783980951278841746",
"name": "knowYourCustomer",
"signature": "string claim"
},
{
"id": "0x534b8f03c16c92c70d1da1d2fae43b98352bf3d7...",
"topicId": "15733030998618876990024220391915773205162379317494393310546829862321881862123",
"name": "accreditedInvestor",
"signature": "string claim"
}
],
"deployedInTransaction": "0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef"
}
]Key fields to verify:
idmatches the issuer's identity address you addedclaimTopicscontains the verification topics you assigned (with fields:id,topicId,name,signature)account.idshows the issuer's wallet address
The issuer can now issue verifications for the assigned topics.
Managing trusted issuers
Update issuer topics
To modify which verification topics an issuer is trusted for:
curl -X PUT "https://your-platform.example.com/api/system/trusted-issuers/0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890" \
-H "X-Api-Key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"claimTopicIds": [
"26984799302505749158794800959285050858086405868089409909048783980951278841746",
"15733030998618876990024220391915773205162379317494393310546829862321881862123",
"39526553109170329799339511574661256630735485618560740361645615581310848276505"
],
"walletVerification": {
"secretVerificationCode": "YOUR_PINCODE"
}
}'Response:
{
"txHash": "0xabcdef1234567890...",
"issuerAddress": "0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890"
}Topic replacement
The claimTopicIds array replaces all existing topics. Include all topics you want the issuer to be trusted for, not
just new additions.
Remove trusted issuer
To revoke an issuer's trusted status:
curl -X DELETE "https://your-platform.example.com/api/system/trusted-issuers/0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890" \
-H "X-Api-Key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"walletVerification": {
"secretVerificationCode": "YOUR_PINCODE"
}
}'Response:
{
"txHash": "0x9876543210fedcba...",
"issuerAddress": "0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890"
}Impact of removal
Removing an issuer doesn't invalidate existing verifications but prevents new ones. Existing verifications remain valid until expiration.
Get topic details with trusted issuers
Get full details for a specific claim topic, including its trusted issuers:
curl -X GET "https://your-platform.example.com/api/system/claim-topics/knowYourCustomer" \
-H "X-Api-Key: YOUR_API_KEY"Response:
{
"id": "0x534b8f03c16c92c70d1da1d2fae43b98352bf3d7...",
"name": "knowYourCustomer",
"signature": "string claim",
"topicId": "26984799302505749158794800959285050858086405868089409909048783980951278841746",
"trustedIssuers": [
{
"id": "0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890",
"addedAt": "2024-01-15T10:30:00Z",
"revokedAt": "1970-01-01T00:00:00Z",
"account": {
"id": "0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb"
}
}
]
}The response includes full topic details along with all non-revoked trusted issuers authorized for that topic.
List claim topics for a trusted issuer
Get the full topic list for a specific trusted issuer identity:
curl -X GET "https://your-platform.example.com/api/system/trusted-issuers/0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890/topics" \
-H "X-Api-Key: YOUR_API_KEY"Response:
{
"issuerAddress": "0x8e5F72f6E5b3B4D1234567890AbCdEf1234567890",
"claimTopics": [
{
"id": "0x534b8f03c16c92c70d1da1d2fae43b98352bf3d7...",
"topicId": "26984799302505749158794800959285050858086405868089409909048783980951278841746",
"name": "knowYourCustomer",
"signature": "string claim"
}
]
}Request parameters
Create trusted issuer
| Parameter | Type | Required | Description |
|---|---|---|---|
issuerAddress | string | Yes | Identity contract address (0x...) |
claimTopicIds | string[] | Yes | Array of verification topic IDs (min: 1) |
walletVerification | object | Yes | Your wallet verification to authorize the transaction |
Update trusted issuer
| Parameter | Type | Required | Description |
|---|---|---|---|
issuerAddress | string | Yes | Identity address to update (path parameter) |
claimTopicIds | string[] | Yes | New array of verification topic IDs (min: 1) |
walletVerification | object | Yes | Your wallet verification to authorize the transaction |
Delete trusted issuer
| Parameter | Type | Required | Description |
|---|---|---|---|
issuerAddress | string | Yes | Identity address to remove (path parameter) |
walletVerification | object | Yes | Your wallet verification to authorize the transaction |
Get topic details (with trusted issuers)
| Parameter | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Claim topic name (path parameter, e.g., knowYourCustomer) |
List claim topics for issuer
| Parameter | Type | Required | Description |
|---|---|---|---|
issuerAddress | string | Yes | Trusted issuer identity address (path param) |
Wallet verification object
| Field | Type | Description |
|---|---|---|
secretVerificationCode | string | 6-digit pincode or TOTP code |
verificationType | string | "PINCODE" (default), "SECRET_CODES", or "OTP" |
Response fields
Trusted issuer
| Field | Type | Description |
|---|---|---|
id | string | Issuer identity contract address |
account.id | string | Issuer wallet address (optional) |
claimTopics | array | Verification topics this issuer can verify |
deployedInTransaction | string | Transaction hash where issuer was added |
Verification topic
In trusted issuer response (claimTopics array):
| Field | Type | Description |
|---|---|---|
id | string | Topic scheme identifier |
topicId | string | Large numeric ID unique to the topic |
name | string | Human-readable name of the topic |
signature | string | Claim data parameter types for verification |
In claim topics endpoint (GET /api/system/claim-topics):
Includes all fields above plus:
| Field | Type | Description |
|---|---|---|
registry | object | Registry information containing registry ID |
registry.id | string | Contract address of the claim topic registry |
Best practices
Issuer selection criteria
Choose trusted issuers based on:
- Authority - Legal or professional standing
- Expertise - Knowledge of verification area
- Independence - Avoid conflicts of interest
- Reliability - Consistent and accurate
Topic assignment principles
- Segregation - Separate issuer types by domain
- Redundancy - Multiple issuers for critical topics
- Specialization - Match expertise to topics
- Compliance - Follow regulatory requirements
Operational considerations
- Regular audits - Review issuer activities
- Rotation - Periodically update issuers
- Training - Ensure issuers understand responsibilities
- Documentation - Record issuer selection rationale
Troubleshooting
| Issue | Solution |
|---|---|
401 Unauthorized | API key is invalid, expired, or disabled |
403 USER_NOT_AUTHORIZED | Ensure your account has claimPolicyManager role |
Identity not found | User must be registered first; see Register User |
Invalid issuer address | Use the identity CONTRACT address, not the wallet address |
Topic not found | Verify the topic ID exists using GET /api/system/claim-topics |
Issuer already exists | The issuer is already registered; use PUT to update topics |
Related guides
- Compliance Overview - Complete compliance reference
- Verify KYC - Issue verifications via API
- Add Administrators - Grant roles via API
- Configure Trusted Issuers (User Guide) - Web interface approach