Copyright © 2023 Open Credentialing Initiative.
In November 2013, the U.S. Congress enacted the Drug Supply Chain
Security Act (DSCSA) in order to intercept drugs that may be
counterfeit, stolen, contaminated, or otherwise harmful and better
safeguard patient health. To ensure that only legitimate actors are part
of the supply chain, the regulation establishes a definition of
Authorized Trading Partners (ATPs) and associated licensing requirements
for different types of stakeholders. Not only must U.S. pharmaceutical
trading partners be authorized (as defined in the statute), but also to ensure that they only
interact with other trading partners that are also authorized.
The Open Credentialing Initiative (OCI) has come together to support the
industry-wide implementation and adoption of the architecture
demonstrated in the ATP Proof of Concept and Pilot conducted in 2020.
This architecture supports the ATP requirements of the DSCSA and employs
the use of W3C-standard Decentralized Identifiers, Verifiable
Credentials, Verifiable Presentations, Credential Revocation Registries,
and the necessary processes and information exchanges between
DSCSA-defined ATPs to establish mutual verification of identity and ATP
status.
This specification describes a Linked Data vocabulary for
asserting enterprise identity verification and ATP license status of
manufacturers, repackagers, wholesalers, third-party logistics providers (3PLs), and dispensers used to verify a counterparty
enterprise identity and to determine the ATP licenses of supply chain
actors. (Note that the JSON objects described later in this specification retain the 1.0.0 version number, as the changes in the 1.1.0 revision are limited to this specification document.)
This is a living document developed by OCl's Founding Members with input
from other OCI Charter Members, DSCSA Trading Partners, Solution
Providers, Associations, Standards Bodies and others interested in
implementing and contributing to the betterment of the W3C Verifiable
Credentials architecture piloted by the DSCSA ATP Pilot.
It is
anticipated that the contents of this document will be reviewed and
updated to address feedback related to compliance, business operations,
W3C and GS1 Standards, interoperability, changing legislation,
regulations, and policy.
Please open an issue, if you wish to collaborate on this OCI specification.
This specification describes a Linked Data vocabulary for asserting the
digital identity and ATP status of entities acting as trading partners
in the U.S. pharmaceutical supply chain. Based on that vocabulary,
trading partners are able to first acquire an identity credential and
second an ATP credential as a verifiable representation of their
authorized status. Both credentials are issued by a Credential Issuer
following the OCI Conformance Criteria for Credential Issuers.
A primary
goal of this specification is to standardize the creation of Verifiable
Credentials from standardized JSON-LD [[json-ld]] which is itself created from JSON
Schema definitions as would normally be passed of REST and other APIs.
This promotes code re-usage and establishes a pattern for the creation
of JSON-LD and related Verifiable Credentials derived from those JSON-LD
objects in a manner that is friendly to code and API development as well
as to promote better interoperability between vendors who serve common
or related markets.
The Vocabulary section covers each vocabulary item,
its properties, other attributes, and provides an example of a
Verifiable Credential for each item.
The OCI defines these design principles to narrow down the attributes included in the credential schema to OCI supported use cases.
If an attribute is needed only by the Credential Issuer to document the internal process of tracking or due diligence activities, the attribute does not need to be included in the credential schema.
Example: Hash value signature from person signing of the Due Diligence is not includedAn attribute is included if the value supports the application consuming credentials to perform certain logic or operational checks.
Example: Parent organization of the trading partner to provide the verifier context of the organizational structureThe OCI determines that the:
only applies to DSCSA ATP Credential schema because there’s a use case for consuming credential
applications to use these attributes to perform credential integrity checks.
However, these attributes do not apply to Identity Credential schema because usage of these associated
identifiers apply to Issuer’s internal due diligence and tracking processes but do not have current apparent
use for consuming Identity Credential application.
A thing with distinct and independent existence, such as a person, organization, or device that performs one or more roles in the ecosystem.
An identifier as defined by [[RFC3986]].
A decentralized identifier as defined by [[did-core]].
This vocabulary assumes all terms specified in the base Verifiable Credentials [[vc-data-model]] context.
You may find the latest json-ld vocabulary at:
https://open-credentialing-initiative.github.io/schemas/
Identity Credential assures that the Credential Issuer performs an identity verification process and that the subject DID is a trusted entity.
| Term | IdentityCredential |
| Full IRI | https://open-credentialing-initiative.github.io/schemas/credentials/IdentityCredential-v1.0.0.jsonld |
| Term | Description | Full IRI |
|---|---|---|
| Credential Type | Declares what data to expect in the credential | https://www.w3.org/2018/credentials/v1 |
| Credential ID | Identifier of the credential as a URN containing a unique UUID in version 4 UUID format such as the following example: urn:oci:uuid:6d7096c7-96ba-44e5-b448-ddd0364f6dc3 | https://www.w3.org/2018/credentials/v1 |
| Issuer DID | Decentralized Identifier of the credential issuer | https://www.w3.org/2018/credentials/v1 |
| Credential Issuance Date | Issuance date | https://www.w3.org/2018/credentials/v1 |
| Credential Expiration Date | Expiration date | https://www.w3.org/2018/credentials/v1 |
| Revocation | Details about mechanisms to check the credential status. | vc-status-2021-ldap:RevocationStatus2021LDAP |
| Revocation ID | Location of revocation list | https://github.com/Spherity/vc-status-2021-ldap |
| Revocation Type | Method for accessing revocation list | |
| Credential Claim Type | Property describing the type of the subject | DSCSAATPCredential |
| Subject DID | Identifier of the subject holding the credential | https://www.w3.org/2018/credentials/v1 |
| Issuer Signature | Digital proof mechanisms, a subset of which are digital signatures, are required to ensure the protection of a verifiable credential | https://www.w3.org/2018/credentials/v1 |
Subject company legal name. Entity that is able to send requests to other trading partners might not be a legal entity itself.
| Term | legalName |
| Full IRI | https://schema.org/legalName |
Credential Issuer company legal name. Name of the legal Entity that issued the Credential to the subject.
| Term | issuerName |
| Full IRI | https://schema.org/legalName |
Legal entity of the Credential subjects parent organization.
| Term | parentOrganization |
| Full IRI | https://schema.org/parentOrganization |
The street address is expressed as free form text. The street address is printed on paper as the first lines below the name. For example, the name of the street and the number in the street or the name of a building.
| Term | streetAddress |
| Full IRI | https://schema.org/streetAddress |
Text specifying the name of the locality; for example, a city.
| Term | addressLocality |
| Full IRI | https://schema.org/addressLocality |
Text specifying a province or state in abbreviated format; for example, NJ.
| Term | addressRegion |
| Full IRI | https://schema.org/addressRegion |
Text specifying the postal code for an address.
| Term | postalCode |
| Full IRI | https://schema.org/postalCode |
Text specifying the country for an address.
| Term | addressCountry |
| Full IRI | https://schema.org/addressCountry |
The DSCSA-ATP Credential represents and verifies a subject as an authorized trading partner.
| Term | DSCSAATPCredential |
| Full IRI | https://open-credentialing-initiative.github.io/schemas/credentials/DSCSAATPCredential-v1.0.0.jsonld |
| Term | Description | Full IRI |
|---|---|---|
| Credential Type | Declares what data to expect in the credential | https://www.w3.org/2018/credentials/v1 |
| Credential ID | Identifier of the credential as a URN containing a unique UUID in version 4 UUID format such as the following example: urn:oci:uuid:6d7096c7-96ba-44e5-b448-ddd0364f6dc3 | https://www.w3.org/2018/credentials/v1 |
| Issuer DID | Decentralized Identifier of the credential issuer | https://www.w3.org/2018/credentials/v1 |
| Issuer | Name of the Credential Issuer | https://www.w3.org/2018/credentials/v1 |
| Credential Issuance Date | Issuance date | https://www.w3.org/2018/credentials/v1 |
| Credential Expiration Date | Expiration date | https://www.w3.org/2018/credentials/v1 |
| Revocation | Details about mechanisms to check the credential status. | vc-status-2021-ldap:RevocationStatus2021LDAP |
| Revocation ID | Location of revocation list | https://github.com/Spherity/vc-status-2021-ldap |
| Revocation Type | Method for accessing revocation list | |
| Credential Claim Type | Property describing the type of the subject | DSCSAATPCredential |
| Subject DID | Identifier of the subject holding the credential | https://www.w3.org/2018/credentials/v1 |
| Issuer Signature | Digital proof mechanisms, a subset of which are digital signatures, are required to ensure the protection of a verifiable credential | https://www.w3.org/2018/credentials/v1 |
Type of credential subject, can be Manufacturer, Repackager, Wholesaler, 3PL, or Dispenser.
Under the DSCSA, a trading partner can fit into one or more ATP categories, depending on their business practices. Only one Organization Type can be specified in a credential. In many cases, OCI expects that organizations will wish to have only a single ATP credential with its single Organization Type. For example, a Wholesaler with 3PL and repackaging divisions may face up to the ATP community as a Wholesaler, if that aligns with their business practices. This is because their primary business function is as a Wholesaler, and the sole use of a Wholesaler credential suits their needs (e.g. reduced complexity for IT and internal operations).
In other circumstances, an ATP may select to have the option to present more than one role. If, for example, an entity is a Manufacturer and a Wholesaler, they may desire to have an ATP credential for each role (e.g. this may prevent the appearance that a manufacturer is seeking information on another manufacturer's products when it was their wholesale division seeking the information.) In this case, the Issuer would verify as part of their due diligence that the company is licensed for both roles, and issue two separate ATP credentials.
As this decision ultimately relies on ATP business practices, OCI makes no recommendations with regard to multiple ATP credentials.
| Term | organizationType |
| Full IRI | https://schema.org/additionalType |
Subject company legal name. Entity that is able to send requests to other trading partners might not be a legal entity itself.
| Term | legalName |
| Full IRI | https://schema.org/legalName |
Credential Issuer company legal name. Name of the legal Entity that issued the Credential to the subject.
| Term | issuerName |
| Full IRI | https://schema.org/legalName |
The street address is expressed as free form text. The street address is printed on paper as the first lines below the name. For example, the name of the street and the number in the street or the name of a building.
| Term | streetAddress |
| Full IRI | https://schema.org/streetAddress |
Text specifying the name of the locality; for example, a city.
| Term | addressLocality |
| Full IRI | https://schema.org/addressLocality |
Text specifying a province or state in abbreviated format; for example, NJ.
| Term | addressRegion |
| Full IRI | https://schema.org/addressRegion |
Text specifying the postal code for an address.
| Term | postalCode |
| Full IRI | https://schema.org/postalCode |
Text specifying the country for an address.
| Term | addressCountry |
| Full IRI | https://schema.org/addressCountry |
This attribute pair is OPTIONAL. it can be used to associate an identifier with the Subject DID of the credential. As an example, a company's GLN can be associated with their GLN which is used in TI/TS EPCIS events and PI Verification request and response messages. This can be used as an additional integrity check of the PI Verification request or response message as the Associated Identifier Value should match the Requester GLN or Responder GLN. It can also be used as an audit aid in collecting all communications about a product (connects EPCIS, PI Verifications, and future Trace messages).
| Term | identifier |
| Full IRI | https://schema.org/identifier |
Verifiable Presentations may be used to combine and present credentials. They can be packaged in such a way that the authorship of the data is verifiable. OCI generates a Verifiable Presentation after [[vc-data-model]] specification.
| Term | Description | Full IRI |
|---|---|---|
| jti | This field represents the id property of the verifiable presentation being generated. | https://w3c.github.io/vc-data-model/#jwt-encoding |
| iss | Represents the holder property of the verifiable presentation being generated. | https://w3c.github.io/vc-data-model/#jwt-encoding |
| aud |
Verifiable Presentation Audience. We might include PI_Verification in this field to represent that this VP
is used in this context
We might include ATP_DSCSA in this field to represent that this VP is used in this context |
https://w3c.github.io/vc-data-model/#jwt-encoding |
| iat | Issuance Date of the VP in EPOCH format | Used for determining whether or not the VP is valid by including the OCI validity time frame defined in Digital Wallet Conformance Criteria | https://w3c.github.io/vc-data-model/#jwt-encoding |
| nbf | Issuance Date of the VC in EPOCH format | https://w3c.github.io/vc-data-model/#jwt-encoding |
| exp | Expiration Date of the VC in EPOCH format | https://w3c.github.io/vc-data-model/#jwt-encoding |
| vp | Contains the Verifiable Presentation | https://w3c.github.io/vc-data-model/#jwt-encoding |
| vp.type | The type property is required and expresses the type of presentation, such as VerifiablePresentation. | https://w3c.github.io/vc-data-model/#presentations-0 |
| vp.verifiableCredential | The VerifiableCredential (including all attributes) that are represented by this VP | https://w3c.github.io/vc-data-model/#presentations-0 |
| nonce | Contains the corrUUID for which the VP has been generated for. | https://www.iana.org/assignments/jwt/jwt.xhtml |