For Verifiable Presentation

Last updated 1 year ago

Was this helpful?

For Verifiable Presentation

List of endpoints that assist holder wallet and verifier to participate in the protocol. Built on top of OAuth 2.0, it allows a client (wallet) to present claims in the form of . Currently, credentials and presentations in JWT format (vc-jwt, vp-jwt) are supported.

The endpoints provided are to support the following high-level verification flow.

The flow centers around the creation and exchange of a Request and a Response object, by the verifier and holder (wallet) respectively. The endpoints are categorised under these two headings.

Prerequisites

Who can use this?

Used by organisations (verifiers) and users (holders) in a verification flow using the OpenID Connect protocol.

Request

List of endpoints to help create and verify the part of the verification flow.

Create Presentation Requests

Creation of a presentation request.

Endpoint

POST /oidc/presentations/requests

Request

Organisation (header, optional)
Name – title string
Description – explains the purpose for which the request is created
Verifier
- Name
Expiration Date – timestamp the request token expires
Redirect Base URI

Responses

The presentation request object that includes an unsigned JWT. The client calling this endpoint (e.g. verifier system) is responsible for adding the signature.

Update Presentation Request

Update an existing presentation request by ID.

Endpoint

PUT /oidc/presentations/requests/{id}

Request

Request ID
Organisation (header, optional)
Signed request JWT

Responses

The updated presentation request object.

Read Presentation Request JWT

Public endpoint that returns the (signed) presentation request JWT.

Endpoint

GET /oidc/presentations/requests/{id}/jwt

Request

Request ID

Responses

Signed presentation request JWT token.

Verify Presentation Request

Verification of the SIOP token. The steps performed during this verification are:

Resolve verifier DID
Verify request signature
Extract the presentation definition uri
- Verify presentation definition structure

Endpoint

POST /oidc/presentations/requests/verify

Request

Signed presentation request JWT

Responses

The result of the verification, either true or false.

Response

Create Presentation Response

Generate id_token for request submission based on the Wallet information and the verifiable presentation token

Endpoint

POST /oidc/presentations/token

Request

Presentation Request JWT

Responses

The presentation response object that includes two unsigned JWT, id_token and vp_token. The client calling this endpoint (e.g. holder wallet) is responsible for adding the signatures for each token.

Verify Presentation Response

Verify the presentation response to a given request. The steps performed are:

Verify ID Token
Verify VP Token
Verify if the response is valid for the given request, i.e. if it matches the presentation definition from the request

Endpoint

POST /oidc/presentations/response/verify

Request

Presentation Request JWT
Signed ID Token
Signed VP Token

Responses

The result of the verification, either true or false. In case of false, all errors are provided, with an explanation.

Last updated 1 year ago

Was this helpful?

The endpoints provided are to support the following high-level verification flow.

The flow centers around the creation and exchange of a Request and a Response object, by the verifier and holder (wallet) respectively. The endpoints are categorised under these two headings.

Prerequisites

Who can use this?

Used by organisations (verifiers) and users (holders) in a verification flow using the OpenID Connect protocol.

Request

List of endpoints to help create and verify the part of the verification flow.

Create Presentation Requests

Creation of a presentation request.

Endpoint

POST /oidc/presentations/requests

Request

Organisation (header, optional)
Name – title string
Description – explains the purpose for which the request is created
Verifier
- Name
Expiration Date – timestamp the request token expires
Redirect Base URI

Responses

The presentation request object that includes an unsigned JWT. The client calling this endpoint (e.g. verifier system) is responsible for adding the signature.

Update Presentation Request

Update an existing presentation request by ID.

One of the options is to use the platform to host the (signed) request (see ). The request parameters itself can't be updated, only the signed request JWT.

Endpoint

PUT /oidc/presentations/requests/{id}

Request

Request ID
Organisation (header, optional)
Signed request JWT

Responses

The updated presentation request object.

Read Presentation Request JWT

Public endpoint that returns the (signed) presentation request JWT.

Endpoint

GET /oidc/presentations/requests/{id}/jwt

Request

Request ID

Responses

Signed presentation request JWT token.

Verify Presentation Request

Verification of the SIOP token. The steps performed during this verification are:

Resolve verifier DID
Verify request signature
Extract the presentation definition uri
- Verify presentation definition structure

Endpoint

POST /oidc/presentations/requests/verify

Request

Signed presentation request JWT

Responses

The result of the verification, either true or false.

Response

List of endpoints to help create and verify the part of the verification flow.

Create Presentation Response

Generate id_token for request submission based on the Wallet information and the verifiable presentation token

Endpoint

POST /oidc/presentations/token

Request

Presentation Request JWT

Responses

Verify Presentation Response

Verify the presentation response to a given request. The steps performed are:

Verify ID Token
Verify VP Token
Verify if the response is valid for the given request, i.e. if it matches the presentation definition from the request

Endpoint

POST /oidc/presentations/response/verify

Request

Presentation Request JWT
Signed ID Token
Signed VP Token

Responses

The result of the verification, either true or false. In case of false, all errors are provided, with an explanation.