Learn

MATTR VII API (v3.4.0)

Download OpenAPI specification:Download

E-mail: dev-support@mattr.global

Introduction

The MATTR VII API defines a set of capabilities that can be used to manage and interact with a MATTR VII tenant. This includes managing a Verifiable Credential across its lifecycle (issue-hold-verify) as well as various tenant administration and management tasks such as setting up a custom domain, creating DIDs and configuring issuance and verification workflows.

Getting Started with our APIs

As a MATTR VII user, you are provided with the following details, required for accessing and engaging with your MATTR VII tenant:

{
  "audience": "YOUR_AUDIENCE_URL",
  "auth_url": "YOUR_AUTH_URL",
  "tenant_url": "YOUR_TENANT_URL",
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET"
}
  1. Use the auth_url, audience, client_id and client_secret to obtain an access token.
  2. To make a request to your tenant, suffix the tenant_url with the endpoint route and include the obtained access token as a header bearer token. For example:
GET https://{tenant_url}/v1/dids

Pagination

Most list operations in the API enable cursor pagination using the cursor and limit query parameters:

Example on Retrieve List of Credentials

GET https://{tenant-url}/core/v2/credentials
?limit=100
&cursor=Y3JlYXRlZEF0PTIwMjAtMTAtMDhUMjMlM0ExMyUzQTE3Ljg5NtZGUxZWEyNzQ4MWI4
  • limit: determines how many entries are returned in that request, with a maximum value of 1000.
  • cursor: sets the location in the retrieved list to get the next batch of entries from. This is based on the returned nextCursor, found at the beginning of each returned range and identifies the last object in the list.

Requesting an entry after the last list value will return an empty data object:

{
"data": []
}

Not providing a query parameter defaults the response to return the first range of entries with a limit of 100.

Authorization

Access to the API is granted by our authorization provider. Use the auth_url, audience, client_id and client_secret provided with your tenant details to make a request to receive a bearer token from the auth provider. This token must then be used as an authorization header for all requests to protected endpoints (this is required for the majority of operations).

bearerAuth

Security Scheme Type: HTTP
HTTP Authorization Scheme bearer
Bearer format: "JWT"

bearerAuthOpenIdCredentials

Security Scheme Type: HTTP
HTTP Authorization Scheme bearer