LEAR Credential powers

LEAR Credential Employee and LEAR Credential Machine credentials grant specific permissions known as “powers.”
Each power consists of a function and one or more actions, which enable specific capabilities.

For example, the power “Onboarding – Execute” (i.e., function: Onboarding, action: Execute) in a LEAR Credential Employee allows the user to log in to the Issuer and also to the Marketplace as an Administrator.

Below is a list of available powers and their corresponding functionalities:

"Onboarding" function

"Execute" action

-A LEAR Credential Employee with this power allows to login to the Issuer UI and to issue credentials for other employees. Check the login guide.

-A LEAR Credential Machine with this power allows to perform the M2M authentication process. See this guides:

• Verifier M2M Integration guide: https://knowledgebase.dome-marketplace.eu/books/verifier-m2m-integration-guide/page/1-introduction 
• Authorization Code Flow + PKCE (public client) 
• Authorization Code Flow withclient_secret_jwt (confidential client

"Product Offering" function

"Create" action

"Update" action

"Delete" action

"Certification" function

"Attest" action

• A LEAR Credential Employee or LEAR Credential Machine with this power can be used to issue a Gx:Label:Credential

"Upload" action

• A LEAR Credential Employee or LEAR Credential Machine with this power can be used to upload a Gx:Label:Credential to certify a product in the DOME Marketplace.