MATTR VII Platform API (v5.0.0)
Download OpenAPI specification:Download
The MATTR VII API defines a set of capabilities that can be used to manage and interact with a MATTR VII tenant. This includes managing a Verifiable Credential across its lifecycle (issue-hold-verify) as well as various tenant administration and management tasks such as setting up a custom domain, creating identifiers and configuring issuance and verification workflows.
As a MATTR VII user, you are provided with the following details, required for accessing and engaging with your MATTR VII tenant:
{
"audience": "YOUR_AUDIENCE_URL",
"auth_url": "YOUR_AUTH_URL",
"tenant_url": "YOUR_TENANT_URL",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET"
}
- Use the
auth_url
,audience
,client_id
andclient_secret
to obtain an access token. - To make a request to your tenant, suffix the
tenant_url
with the endpoint route and include the obtained access token as a header bearer token. For example:
GET https://{tenant_url}/v1/dids
Most list operations in the API enable cursor pagination using the cursor
and limit
query parameters:
Example on Retrieve List of Credentials
GET https://{tenant-url}/core/v2/credentials
?limit=100
&cursor=Y3JlYXRlZEF0PTIwMjAtMTAtMDhUMjMlM0ExMyUzQTE3Ljg5NtZGUxZWEyNzQ4MWI4
limit
: determines how many entries are returned in that request, with a maximum value of 1000.cursor
: sets the location in the retrieved list to get the next batch of entries from. This is based on the returnednextCursor
, found at the beginning of each returned range and identifies the last object in the list.
Requesting an entry after the last list value will return an empty data
object:
{
"data": []
}
Not providing a query parameter defaults the response to return the first range of entries with a limit
of 100.
Access to the API is granted by our authorization provider. Use the auth_url
, audience
, client_id
and client_secret
provided with your tenant details to make a request to receive a bearer token from the auth provider. This token must then be used as an authorization
header for all requests to protected endpoints (this is required for the majority of operations).