VC use case
Temporary workforce access
Issue time‑bound credentials for contractors and short‑term staff.
- Government
- Mining
Overview
Organisations can issue temporary workforce credentials that prove role, training, and site clearance, then verify them at entry or system access points.
The verifier does not need to manually reconstruct the worker’s eligibility from emails, spreadsheets, and contractor portals. It needs a current proof that the worker is allowed to access a defined site, system, or task.
Why it matters
Short-term staff create high onboarding overhead and risk. Contractors, surge teams, seasonal workers, and project staff may need access quickly, but access must still expire and respond to changes in training, role, or engagement status.
Verifiable Credentials create a cleaner model:
- employers and training providers issue role, engagement, and training credentials
- workers present credentials at access points
- verifiers check current status before granting entry or system access
- credentials can expire automatically or be revoked when the engagement changes
Ecosystem roles
- Issuer: Employer, labour hire provider, site operator, or accredited training provider.
- Holder: Contractor, temporary worker, or short-term staff member.
- Verifier: Physical access systems, application services, site induction systems, and security teams.
- Trust governance: The rules that define accepted issuers, site scopes, training requirements, expiry, and revocation.
Trust decision
The verifier decision is narrow: can this temporary worker access this site, system, or task right now?
That decision may depend on engagement status, site assignment, role, training, clearance, expiry, and current revocation status.
Privacy and assurance
The verifier should request only the claims needed for the access decision. A gate entry decision may need site clearance and training proof; an application decision may need role and engagement status.
Assurance depends on checking issuer trust, credential binding, expiry, status, and whether the requested access is within scope.
Implementation notes
- Align credential expiry with contract, roster, or project dates.
- Keep training and clearance credentials separate where they are issued and revoked by different authorities.
- Define offline or degraded-mode behavior for remote sites.
- Record verification outcomes for audit without storing unnecessary personal or employment data.
- Objective
- Provide safe, time-bound access for temporary staff.
- Description
- Issue workforce credentials tied to role, site, training, and expiry, then verify them at access time.
- Actors
- Employer, labour hire provider, contractor, training provider, and site or system operator.
- Dependencies
- Training and clearance data sources, issuer trust registry, workforce credential schemas, status endpoints, and access policy.
- Preconditions
- The worker is engaged for the role and required training or clearance credentials are current.
- Postconditions
- Access is granted, denied, or escalated within the approved scope and duration.
flowchart LR
EMP@{icon: "tabler:building", label: "Employer", pos: "b"} -->|Issues workforce VC| WAL@{icon: "tabler:wallet", label: "Wallet", pos: "b"}
TRAIN@{icon: "tabler:certificate", label: "Training provider", pos: "b"} -->|Issues training VC| WAL
WAL -->|Present VCs| VER@{icon: "tabler:id-badge", label: "Access control", pos: "b"}
VER -->|Grant access| SITE@{icon: "tabler:helmet", label: "Site / system", pos: "b"}
sequenceDiagram
participant Employer
participant Trainer as Training provider
participant Wallet
participant Worker
participant Access as Access control
Employer-->>Wallet: Issue workforce VC
Trainer-->>Wallet: Issue training VC
Worker->>Access: Present credentials
Access-->>Worker: Access granted or denied
Talk to UNIFY