Support configuration to enable the issuance of multiple verifiable credentials based on a directory attribute

[mjspi]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

See the following: Issue Multiple Credentials to a User Based on a Directory Attribute

New or Affected Resource(s)

pingone_credential_type

Potential Terraform Configuration

# Copy-paste your PingOne related Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key.

# Remember to replace any account/customer sensitive information in the configuration before submitting the issue
resource "pingone_credential_type" "examplecredential" {
  environment_id   = pingone_environment.my_environment.id
  title            = "ExampleCredential"
  description      = "Example Credential"
  card_type        = "ExampleCredential"
  revoke_on_delete = true

  card_design_template = <<-EOT
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 740 480">
.
.
.
</svg>  
EOT

  metadata = {
    name               = "ExampleCredential"
    description        = "Example Credential"
    bg_opacity_percent = 100

    background_image = pingone_image.examplecredential-background_image.uploaded_image[0].href
    logo_image       = pingone_image.examplecredential-logo_image.uploaded_image[0].href

    card_color = "#ffffff"
    text_color = "#000000"

    # New metadata configuration block
    multiple = {
        expression = "$${user.credit_cards['branded']}"
    }

    fields = [
      {
        type       = "Directory Attribute"
        title      = "givenName"
        attribute  = "name.given"
        is_visible = false
      },

      # New directory attribute configuration options
      # NOTE: PEL expression may be moved to a separate property after additional review
      # The current example aligns exactly to the existing API.
      {
        type       = "Directory Attribute"
        title      = "oem_merchant"
        is_visible = false
        attribute  = "$${user.credit_cards['branded'][__ITERATOR__].oem_merchant}" # allow PEL in existing property aligning to api
        default    = "Default OEM Merchant Value" # new property
      },

      {
        type       = "Directory Attribute"
        title      = "user_id"
        is_visible = false
        attribute  = "$${user.credit_cards['branded'][__ITERATOR__].user_id}" # allow PEL in existing property aligning to api
      },
    ]
  }
}

References

• PingOne Credentials | Credential Types
• SDK Doc - TBC