The operational walkthrough for credentialing authorities. What your team does to issue credentials on Oliu™ — from accreditation, through schema design and integration, to credentials in the hands of the people who earned them.
A credential moves through five stages, from the moment your organization joins the network to the moment it's verified in the field. The first four stages are where your team's operational work lives. The fifth is where that work pays off — when a credential your team signed is confirmed in seconds, anywhere in Canada.
Before your organization can issue credentials on Oliu™, Oliu™ reviews and accredits you. This confirms who you are, what you have the authority to issue, and that you can meet Oliu™'s requirements for credential signing and key management.
Oliu™'s accreditation review covers three things: the organization's legal identity and legitimacy; the authority under which your organization issues credentials in its domain (statutory, delegated, or sector-recognized); and the security posture appropriate to how your organization will issue — including how signing keys will be managed.
Corporate documentation, evidence of credentialing authority, a technical contact, and a designated accountable executive. Oliu™ provides a checklist during onboarding; the documentation is typically already on hand at your organization.
Accreditation takes from days to a few weeks, depending on your organization's readiness. The timeline is deliberate — accreditation is what makes every credential your organization issues on Oliu™ trustworthy to the other side of the network.
A credential schema defines exactly what a specific credential contains. Workplace Safety Ticket. First Aid Level C. Professional Engineering Licence. Each has its own schema — the specific fields, the data types, the validity periods, the conditions that apply.
The credential name, the issuer name, the fields the credential captures (holder identity, completion date, validity period, conditions), any optional fields, and the rules for how fields are populated.
Your team works with Oliu™ to define the schema for each credential type you plan to issue. Oliu™ provides templates for common credential patterns — safety tickets, first aid, professional licences, training completions. Where your organization issues credentials that don't fit existing templates, schemas are designed together.
A well-designed schema is what lets a verifier anywhere in Canada understand exactly what the credential confirms. It's also what lets selective disclosure work — a holder can share only the fields a verifier needs, rather than the whole credential. Schemas are designed once, then reused.
Your organization integrates with Oliu™ through the path that matches your existing infrastructure.
Your organization's systems call the Oliu™ API directly to issue credentials. This is the most flexible option — your team's developers use the same tools and patterns they use for any other API integration. Full technical detail on the Integration & APIs page.
See integration optionsMany credentialing authorities already use a learning management system, association management system, credential management system, or compliance management system. Oliu™'s architecture supports integration with these platforms so your team can issue credentials from within the system they already use. At launch, specific integrations are limited — custom integration work may be required for your specific platform. Oliu™ prioritizes integration development based on the systems founding-cohort issuers bring to the network.
Integration for direct API or partner-system paths typically takes days to a few weeks, depending on your organization's environment and the integration path chosen.
With accreditation complete, schemas defined, and the integration path connected, your organization is ready to issue credentials. Here's what happens each time.
A learner completes training. A professional passes certification. A regulator licenses a practitioner. Whatever event qualifies someone to hold a credential your organization issues, that event is the issuance trigger.
Your system sends an issuance request to Oliu™ — through the API or through your partner platform. The request contains the credential data for a specific holder, against the schema you've defined.
Oliu™ processes the request: the credential is signed with your organization's cryptographic key, registered on the network (so it can be verified), and delivered to the holder's Oliu™ Wallet. The holder receives a notification.
Your system receives a confirmation that the credential has been issued, with a unique credential reference. Your organization retains a record of the issuance through your integration — either directly in your own system, or through the API response and webhook events Oliu™ sends as credentials move through their lifecycle.
Issuance happens in real time. The credential is in the holder's wallet within seconds of your system's request.
Verification is not an operational step your team performs. It's what happens after issuance — the reason the work you did in stages 1–4 matters.
Once your organization has issued a credential, a verifier anywhere in Canada can confirm it in seconds. An employer checking a hire. A site supervisor before a shift. A regulator during an inspection. A counterpart regulator in another province. Each scans a QR code from the holder's wallet; each sees a cryptographic confirmation that the credential was issued by your organization, has not been altered, and is current.
Verification does not contact your organization. Your team does not answer phone calls, look up records, or respond to email queries about whether a credential is real. That burden is replaced by infrastructure.
Your organization does retain visibility into how credentials are being verified, through aggregate activity data delivered via the API and webhook events — not who verified what specific credential, but the patterns of how credentials your organization issued are being used. Privacy is preserved at the holder level; operational visibility is preserved at the issuer level.
After your first credentials are issued, a few operational activities recur.
Credentials can be updated, renewed, or revoked. An expiring credential can be re-issued. A credential issued in error or withdrawn for cause can be revoked, and the revocation is visible to any verifier from that point forward.
Schemas evolve as credentialing practices evolve. Minor revisions — a new field, a changed validity period — are straightforward. Major revisions are designed together with Oliu™ to maintain continuity for credentials already in the field.
If your organization manages its own signing keys, Oliu™ provides tooling and documented procedures for key rotation, key recovery, and key retirement. If Oliu™ manages keys on your organization's behalf, rotation and recovery happen automatically under documented procedures.
The Oliu™ API provides a full audit trail of every credential issued, every update, every revocation. Your organization retains this record within your integration. Aggregate verification activity is delivered through the same API.
Oliu™ provides implementation and operational support to every accredited issuer. During onboarding, your organization is paired with an Oliu™ technical contact who stays with you through accreditation, schema design, integration, and first issuance.
Post-launch, Oliu™ provides tiered technical support, documented SLAs for platform availability, and access to Oliu™'s engineering team for issues that require it. Service levels are described in the operating agreement signed at accreditation.