light-mode-image
Learn
MATTR VII PlatformCWT

Verify a CWT credential

Verify a CWT credential by providing the encoded payload and specifying verification options.

You can provide a valid CWT credential as either an encoded string or a QR code in a PDF document or an image file.

Standard checks performed on all verification requests:

  • Conformance of the string and encoded data. All string representations of CWT credentials must be prefixed with CSC/1.
  • Decoded payload structure is a valid CWT credential.
  • Issuer DID can be used to resolve its did.json document.
  • Public key from issuer's did.json document validates the proof signature, confirming the credential has not been tampered with.

Optional parameter checks:

  • Credential was issued by a trusted issuer.
  • Current time is after the beginning of the credential validity period.
  • Current time is not after the end of the credential validity period.
  • Credential has not been revoked.

Analytics Events

CREDENTIAL_COMPACT_VERIFY_STARTCREDENTIAL_COMPACT_VERIFY_SUCCESSCREDENTIAL_COMPACT_VERIFY_FAIL

Roles

adminverifier
POST/v2/credentials/compact/verify

Authorization

AuthorizationBearer <token>

In: header

Request Body

payloadstring

The CWT credential to verify, represented as an encoded string.

trustedIssuers?array<string>

When you include issuers' DIDs in this array, credentials will only be verified if their iss value matches one of these DIDs. You can include multiple trusted issuers, separated by commas.

assertValidFrom?boolean

MATTR VII validates the credential's nbf (not before) field by default, so that credentials that have a future nbf date will not be verified. When this field is set to false, credentials can be verified even when their nbf date is in the future.

Defaulttrue
assertValidUntil?boolean

MATTR VII validates the credential's exp (expiry) field by default, so that expired credentials will not be verified. When this field is set to false, credentials can be verified even when their exp date has passed.

Defaulttrue
checkRevocation?boolean

MATTR VII checks the credential revocation status by default, so that revoked credentials will not be verified. When this field is set to false, credentials can be verified even when they had been revoked.

Defaulttrue

Response Body

curl -X POST "https://example.vii.au01.mattr.global/v2/credentials/compact/verify" \  -H "Content-Type: application/json" \  -d '{    "payload": "CSC:/1/2KCE3IQEJB5DCMSLN5KWKZABE2QFQRVDAF4CIZDJMQ5HOZLCHIYDGOJUFUYTENJNGIZTOLJVGIWTCMJQFZXGO4TPNMXGS33ENZQW2ZLEJJXWQ3QH3BAFB3LISHKGQ2KBJ6Q35NXZFD6LGZ2YIAYHZAKCF7NKTIUZUTZQ3PWDBALAWVRG5XL2H4P4WFK25X3Y5X5RTN7NOZUST67KLCEFS3EPXQU5KM7VUGOPXJLQ6K5U676PMQNWRZCZ"  }'
{
  "verified": true,
  "decoded": {
    "iss": "did:web:organization.com",
    "nbf": 1645743759,
    "exp": 1646743759,
    "iat": 1645743759,
    "jti": "6tVMmKodQNaLywW6NGA2aA",
    "type": "CredentialType",
    "property1": "...",
    "property2": "..."
  },
  "error": {
    "type": "string",
    "message": "string",
    "details": {}
  }
}
{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}
Empty
Empty

How would you rate this page?

Retrieve presentation session result GET

Previous Page

Verify a Semantic CWT credential POST

Next Page