Skip to main content

EAA ConformanceETSI TS 119 472-1 (v1.2.1) clause 5.2.4.1

EAA-5.2.4.1-01:EAA may include the issuing_authority claim

  • may
  • Ordinary EAA
  • QEAA
  • PuB-EAA
  • SD-JWT VC
  • Issuer

Spec text

A SD-JWT VC EAA may include the issuing_authority claim, specified in CIR (EU) 2024/2977, table 5 Annex I, containing the name of the SD-JWT VC EAA issuer.

ETSI TS 119 472-1 (v1.2.1), clause 5.2.4.1, page 28.

In plain English

An SD-JWT VC EAA may carry an issuing_authority claim: a human-readable string naming the entity that issued the EAA. The claim is defined in CIR (EU) 2024/2977 Table 5, Annex I and is intended for surfacing in user interfaces and audit logs.

Why it matters

When an EAA travels without an attached qualified certificate (because that certificate is anchored in the trust framework rather than embedded in the wire format), issuing_authority is the only in-payload signal of who claims responsibility. UIs and verifiers commonly show or log this string for users.

Common mistakes

  • Setting issuing_authority to a technical issuer URL instead of the human-readable name.
  • Putting the issuing authority in a custom claim name instead of issuing_authority.
  • Including issuing_authority while the qualified certificate is also present (see EAA-5.2.4.1-03).

Conformance check

Auto-tested. Use the action in the sidebar to run a Self-Assessment for this control.

Last reviewed against ETSI TS 119 472-1 v1.2.1 on 2026-05-01.

iGrant.io’s EAA Issuer SDK handles this control out of the box. Talk to our team about closing your conformance gaps.

Chat on WhatsAppEmail support