Skip to content

Portfolio Issuer — Schema Documentation

Table of Contents

1. About this Document

This document defines the Portfolio Issuer schema — a structured data model for verifiable credentials that authorize professionals to create homeowner portfolios, issue credentials, and approve homeowner onboarding to the Cornerstone Network on behalf of Network Partners. It is intended for governance reviewers, schema implementers, credential issuers, and verifier application developers evaluating whether this schema meets their requirements.

The Portfolio Issuer schema captures a delegation of authority from a Network Partner to an individual professional, defining what they are authorized to do within the ecosystem.

1.1 Version History

Ver. Date Notes Author(s)
1.0 18-Mar-2026 Rewritten as schema documentation; governance body perspective Mathieu Glaude
0.9 26-Feb-2026 Simplified to 7 attributes; removed redundant fields Mathieu Glaude

↑ Back to top

2. Schema Overview

The Portfolio Issuer schema defines the data structure for a verifiable credential that authorizes a professional to create homeowner portfolios, issue Cornerstone ID and Home Credentials, and approve homeowner onboarding on behalf of a Network Partner. This schema captures the delegation of authority — not the professional's identity or licensing status, which are handled by the Cornerstone ID and Accreditation Credential schemas respectively.
Schema: Portfolio Issuer v1.0
Format: W3C Verifiable Credentials (JSON-LD)
Governance Body: Cornerstone Network
Schema URI: https://trustinfrastructure.com/cornerstone/schemas/portfolio-issuer.json

2.1 Attribute Summary

# Name Attribute Data Type Required
001 Cornerstone ID Ref cornerstone_id DID / URI Yes
002 Portfolio Issuer ID portfolio_issuer_id String (UUID) Yes
003 Network Partner ID network_partner_id String (UUID) Yes
004 Network Partner Name network_partner_name String Yes
005 Granted Date granted_date String (date) Yes
006 Granting Authority granting_authority String Yes
007 Scope scope JSON object No

↑ Back to top

3. Schema Definition

3.1 Attributes

Cornerstone ID Reference (001)

Attributecornerstone_id
DescriptionDID or URI reference to the holder's verified Cornerstone ID credential. Binds this credential to a verified identity without embedding identity attributes.
Data TypeDID / URI
RequiredYes
Examplesdid:web:trustinfrastructure.com:cornerstone:id:a8f3b2c1

Portfolio Issuer ID (002)

Attributeportfolio_issuer_id
DescriptionPlatform-generated unique identifier for this portfolio issuer authorization.
Data TypeString (UUID)
RequiredYes
Examples7f3a9b2c-4d5e-6f78-90ab-cdef12345678

Network Partner ID (003)

Attributenetwork_partner_id
DescriptionIdentifier of the Network Partner granting portfolio issuer authority.
Data TypeString (UUID)
RequiredYes
Examplesb2c3d4e5-f678-90ab-cdef-123456789abc

Network Partner Name (004)

Attributenetwork_partner_name
DescriptionHuman-readable name of the Network Partner.
Data TypeString
RequiredYes
ExamplesSutton Group, Royal LePage

Granted Date (005)

Attributegranted_date
DescriptionDate the portfolio issuer authority was granted, in ISO 8601 format.
Data TypeString (YYYY-MM-DD)
RequiredYes
Examples2026-03-15

Granting Authority (006)

Attributegranting_authority
DescriptionEntity that granted the portfolio issuer authority — typically the Network Partner name or "Cornerstone Network" for direct grants.
Data TypeString
RequiredYes
ExamplesSutton Group, Cornerstone Network

Scope (007)

Attributescope
DescriptionOptional geographic or organizational restrictions on the portfolio issuer's authority. Contains arrays for regions, offices, service_areas, and property_types.
Data TypeJSON object
RequiredNo
Examples{"regions": ["BC"], "offices": ["Surrey"], "service_areas": [], "property_types": []}

↑ Back to top

4. Data Source Requirements

Credentials issued under this schema are expected to draw from the following authoritative sources.

4.1 Identity Binding

The cornerstone_id attribute references a separately issued Cornerstone ID credential. This schema does not embed identity attributes directly.

4.2 Authorization Source

Authorization data (network_partner_id, network_partner_name, granted_date, granting_authority, scope) is provided by the Network Partner's administrative decision. The Network Partner confirms the professional's authorization to act on their behalf before a credential is issued.

4.3 Data Currency

  • A credential reflects the authorization state at the time of issuance.
  • Authorization termination, scope changes, or Network Partner membership changes require credential revocation.
  • Expiration period: 1–3 years (per Network Partner or Cornerstone Network policy).

↑ Back to top

5. Status Management

This schema requires credentials to implement W3C Bitstring Status List v1.1 for lifecycle management, with separate bitstrings for revocation and suspension.

Event Action Status Handling
Authorization granted Issue credential Index set to 0 (valid)
Authorization terminated by NP Revoke Revocation bit = 1 (permanent)
Organization affiliation ends Revoke Revocation bit = 1 (permanent)
Cornerstone ID revoked Revoke Revocation bit = 1 (permanent)
Investigation pending Suspend Suspension bit = 1 (reversible)
Investigation cleared Reinstate Suspension bit = 0
Scope change Revoke + re-issue Old revoked; new credential index = 0
NP membership ends Revoke Revocation bit = 1 (permanent)

Post-revocation: Existing portfolios created by the holder remain valid. New portfolio creation is blocked.

↑ Back to top

6. Design Rationale

Removed canIssuePortfolios: This boolean was always true — the credential's existence already indicates authorization. Redundant boolean fields are an anti-pattern.

Removed professional_credential_ref: Following the independent credential design principle, the Portfolio Issuer does not reference the Professional Credential. A holder may possess one, the other, or both.

Removed issuer_type: Single type for initial release. If multiple issuer types emerge, the schema can be extended with a minor version bump.

Removed portfolio_issuer_evidence: Evidence moved to the credential envelope's evidence array per W3C standard practice, rather than duplicating as a credential subject attribute.

Capabilities granted by this credential: Portfolio creation authority, homeowner approval, Cornerstone ID and Home Credential issuance, data source integration initiation, portfolio branding rights, referral fee earning eligibility.

↑ Back to top

7. Governance

  • Governance Body: Cornerstone Network
  • Schema Owner: Cornerstone Network
  • Review Cycle: Annual, or upon breaking schema changes
  • Change Process: Schema updates follow a change-managed governance process to ensure interoperability across all adopting organizations

Credential Independence

This schema operates independently of the Professional Credential and Accreditation Credential schemas. A holder may possess a Portfolio Issuer credential without holding either of those.

↑ Back to top

8. Implementation References

Reference Value
Technical Format W3C Verifiable Credentials Data Model (JSON-LD)
Schema URI https://trustinfrastructure.com/cornerstone/schemas/portfolio-issuer.json
Context URLs https://www.w3.org/ns/credentials/v2
https://trustinfrastructure.com/cornerstone/contexts/portfolio-issuer-v1.0.json
Schema Registry https://trustinfrastructure.com/cornerstone/schemas/
Governance Doc https://openpropertyassociation.ca/credential-governance/portfolio-issuer/

Required Envelope Fields

Credentials issued under this schema must include: - issuer — DID of the issuing organization - validFrom and validUntil — temporal bounds (1–3 year expiration) - credentialSchema — reference to this schema - credentialStatus — revocation and suspension bitstring entries

Credential Relationships

Relationship Credential
References Cornerstone ID
Independent of Professional Credential, Accreditation Credential

↑ Back to top