Credentials Should Live Outside the LMS

Credentials Should Live Outside the LMS

Higher-ed RFPs have pushed digital credentials into another checkbox for LMS features. The LMS knows the course, the roster, the grades, and a certificate or badge is a logical feature addition. But the LMS-centrality has several limitations.

A course shell has a short life (12-14 weeks usually). It opens, runs, closes, gets copied forward, and eventually disappears. Platforms change, contracts end, and institutions often run multiple LMSes. Authentication systems get replaced and most importantly: students graduate and lose access to the accounts they used every day.

A credential has a different job. A student may need to share it years later, with an employer, a licensing body, another school, or a public profile that has nothing to do with their LMS from a decade ago.

If a badge only works while the old course shell exists, or while the learner can still sign into the LMS account that first issued it, it is not a durable object: it’s just an RFP checkbox for an LMS.

The LMS is a good place to observe learning activity and is often the right place to start issuance. The LMS can supply roster data, course context, assessment signals, and the administrative workflows institutions already trust. But once the rules are passed and it becomes a credential, it needs a home that can preserve it, verify it, export it, and provide the learner some (durable) control.

A few years ago, building the credential layer outside the LMS was harder to defend. The standards continued changing and wallet support was immature. Verifiable credentials felt more like standards work than usable campus software.

Now Open Badges 3.0 and the Verifiable Credentials 2.0 family exists. OpenID4VP and OpenID4VCI give issuers, holders, and verifiers a more definitive way to exchange credentials.

CredTrail fits in as an API-first, open-source credential service, not an LMS RFP checkbox. The public code is here: github.com/LongsightGroup/credtrail-app.

CredTrail keeps the badge page, verification route, and export options tied to the same public credential record.

The LMS can still trigger issuance; the credential just does not have to stay there. It can have a standards-based API, a stable verification route, portable credential data, and a path into learner-controlled wallets and profiles. It can survive course deletion, LMS migration, domain changes, and identity remapping.

A public badge wall keeps credentials visible and verifiable without forcing the learner back through the LMS that first issued them.

Open source and open standards are both important: if a school is going to treat digital credentials as durable learner records, staff should be able to inspect the code, run the system, and trace how verification works. A black box is a bad place to keep records that are supposed to outlast a vendor contract.

We picked boring pieces on purpose for the tech stack: TypeScript for a shared codebase across runtime profiles, Postgres for relational data and queue state, S3-compatible object storage for signed credential records, and both Cloudflare-hosted and Node + Docker deployment paths.

References

• CredTrail open-source repo: https://github.com/LongsightGroup/credtrail-app
• 1EdTech made Open Badges 3.0 publicly available in 2024: https://www.1edtech.org/1edtech-article/new-open-badges-30-standard-provides-enhanced-security-and-mobility/411060
• 1EdTech released CLR Standard 2.0 publicly in 2025: https://www.1edtech.org/1edtech-article/latest-comprehensive-learner-record-standard-improves-security-portability-and
• W3C advanced the Verifiable Credentials 2.0 family to Recommendation on May 15, 2025: https://www.w3.org/news/2025/the-verifiable-credentials-2-0-family-of-specifications-is-now-a-w3c-recommendation/
• OpenID for Verifiable Presentations 1.0 became final on July 10, 2025: https://openid.net/openid-for-verifiable-presentations-1-0-final-specification-approved/
• OpenID for Verifiable Credential Issuance 1.0 became final on September 16, 2025: https://openid.net/openid-for-verifiable-credential-issuance-1-final-specification-approved/