Sign a message
Accepts a message payload and signs it with a JWS (JSON Web Signature) using the a specific key from the DID (Decentralized Identifier) provided in the request.
Analytic events
- MESSAGING_SIGN_START
- MESSAGING_SIGN_SUCCESS
- MESSAGING_SIGN_FAIL
Request Body schema: application/jsonrequired
Sign message request
Message signed
Error signing message
- Payload
- curl
- Node.js
- JavaScript
- Python
- C#
- Java
{- "didUrl": "did:web:organization.com#2vcj3MjR4d",
- "payload": {
- "msg": "this is a message"
}
}
- 200
- 400
"eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDprZXk6ejZNa21mazNtMldIQlVxVm94SlZ3R1NQejVrYmFKNnpBMXRwN1JRWUJiUUdtczNoI3o2TWttZmszbTJXSEJVcVZveEpWd0dTUHo1a2JhSjZ6QTF0cDdSUVlCYlFHbXMzaCJ9.eyJtc2ciOiJUaGlzIGlzIGEgcGF5bG9hZCJ9.5E9qEmmSOMHLABAr4A9VzuNKFaO4EDo2GSCMoxQm9zsE7eCmEEuaAxtNhOUdd-Wvj64vqBBVl84XB1Yg7X9wBg"
Verify a message
Verifies the signature of a provided JWS (JSON Web Signature), validating that the payload has not been tampered with and verifying that the kid in the JWS header is the same as the iss
value in the Request Object.
One use case for verifying a JWS with a DID is when the Mobile Wallet App sends a Request Object to an OpenID Provider as part of the Authorization Code Flow (as per https://openid.net/specs/openid-connect-core-1_0-final.html#RequestObject). The Request Object is wrapped in a JWS with a signature that is generated from the Subject DID on the mobile app. Therefore verifying the JWS proves that the mobile app has access to the private key of the Subject DID.
Analytic events
- MESSAGING_VERIFY_START
- MESSAGING_VERIFY_SUCCESS
- MESSAGING_VERIFY_FAIL
Verification successful
Invalid JWS
- Payload
- curl
- Node.js
- JavaScript
- Python
- C#
- Java
{- "jws": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}
- 200
- 400
{- "payload": "payload",
- "didUrl": "did:web:organization.com#2vcj3MjR4d",
- "did": "did:web:organization.com",
- "verified": true,
- "signerPublicJwk": {
- "kty": "OKP",
- "crv": "Ed25519",
- "x": "oQvDM6MvUdcgRCqKGJOgteRC9U06_x7bFtY0T-MJ1rQ"
}
}
Encrypt a message
Encrypts the provided payload using into a JWM (JSON Web Message) format.
Analytic events
- MESSAGING_ENCRYPT_START
- MESSAGING_ENCRYPT_SUCCESS
- MESSAGING_ENCRYPT_FAIL
Request Body schema: application/jsonrequired
Encryption parameters
Message encrypted
Bad Request
- Payload
- curl
- Node.js
- JavaScript
- Python
- C#
- Java
{- "senderDidUrl": "did:web:learn.vii.au01.mattr.global#z6LShWb1DVC2gkxoQ91VwHmNhci2A4NdVH4srFvLiTP6ETBK",
- "recipientDidUrls": [
- "did:key:z6MkgmEkNM32vyFeMXcQA7AfQDznu47qHCZpy2AYH2Dtdu1d",
- "did:key:z6MkgxxdrThaRd7HbeAA4pYEwAgKT6ZXy2aNTcPkmeF1yWHN"
], - "payload": {
- "id": "731961f2-bdc3-4f1e-8d59-cc308fd60ec8",
- "from": "did:web:learn.vii.au01.mattr.global",
- "created_time": 1616466734,
- "body": {
- "uri": "openid://discovery?issuer=https://tenant.vii.mattr.global/ext/oidc/v1/issuers/0dceeddd-f717-4bf2-b520-b3ddcd104a60"
}
}
}
- 200
- 400
{- "jwe": {
- "protected": "eyJhbGciOiJYQzIwUCJ9",
- "recipients": [
- {
- "header": {
- "alg": "ECDH-1PU+A256KW",
- "kid": "did:key:z6MkgmEkNM32vyFeMXcQA7AfQDznu47qHCZpy2AYH2Dtdu1d#z6LSsvqSJkBvVEsDC8cxMHuQ3sKoLRMXB1MdtoLrMUq6A8Rg",
- "epk": {
- "kty": "OKP",
- "crv": "X25519",
- "x": "JOLnYaD7L-Rszz7fczPhn6MkNre25PUsztzB1RHoz14"
}, - "skid": "did:key:z6MkreuqFq6WrwozTeGKuUDz8bniTFRNAg8f3ZB862YdLp7v#z6LScyz3YLToyoKwZE6Tfq65hgZUkZdHrC4ZqohcUH9X6Twx"
}, - "encryption_key": "ag5iKzjJOth9Wa68dCVKJW_vnO_Ga0zSJgQp5rIUg69HCzIjuNYhDg"
}, - {
- "header": {
- "alg": "ECDH-1PU+A256KW",
- "kid": "did:key:z6MkgxxdrThaRd7HbeAA4pYEwAgKT6ZXy2aNTcPkmeF1yWHN#z6LSgDiT1CkducmcSPaq9E1Uj1qdSXBjsUNqqLQLrUu8EHWd",
- "epk": {
- "kty": "OKP",
- "crv": "X25519",
- "x": "gDYW7rhG3cBqFp9trFETtlut6QJxYVVSoVWL7eN1bzE"
}, - "skid": "did:key:z6MkreuqFq6WrwozTeGKuUDz8bniTFRNAg8f3ZB862YdLp7v#z6LScyz3YLToyoKwZE6Tfq65hgZUkZdHrC4ZqohcUH9X6Twx"
}, - "encryption_key": "F5R5ZW7Yk7_iWT5kUWqv3w_tLI7V86tLRthjy_SSbGQ2pFyXKni_gA"
}
], - "ciphertext": "xpW-D6sDPpWc_jk87nEyxPX7JQV8_OZpaQft7ySQ5XmNhoj-lQyDkXDncOCyhB7yMSdZrRBNQjKxlEbpY_WLk1hBoWfsTeszVSAuFbX_VKUSJ7GR6rcnWGVNgDfKS8GsyC_owtswXatkF_65_mzFOygctkUmd2eI5bcpQpWjhw2vqnvnWkb7l2J27aWFF_c9cu52dB559j8lwLYyYC9oSMgV5piB6ppfrWBGo_DigjxvJcAYcjFYqFcT6A1nphPhwVTQ2HNfJodbQoseHub8UQdG4qAOcggq5DI84tbqor1SU9rdPH03jPkLgoO_aeXyJg5meITXoFSiu_tRfvf8QQ6vKq6pkTTXs8zKXcBCGhGIyKBNBG4R4RIY1UffTMnJQQQGBble3P06pGOnsnSop0BtygelB9M0ZEwnAUSAQqN1RR4AQwWcn9nH6hHEu1pMhSvhCuFNAPWS-hg24JGGw8Xe3EEZlLH0PM8qpUAfksPq",
- "iv": "FJq5zKvuPiUQIdRcMtiChHCJByuY8XK9",
- "tag": "u8kT0VAAtTswjGXxNpuX0g=="
}
}
Decrypt a message
Decrypts a provided message where the tenant manages the keys for the defined recipientDidUrl
.
Analytic events
- MESSAGING_DECRYPT_START
- MESSAGING_DECRYPT_SUCCESS
- MESSAGING_DECRYPT_FAIL
Request Body schema: application/jsonrequired
Decryption parameters
required | string or EncryptedMessage (object) The |
Message Decrypted
Bad Request
- Payload
- curl
- Node.js
- JavaScript
- Python
- C#
- Java
{- "jwe": "eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDp3ZWI6bWF0dHIuZ2xvYmFsI0V5MkN2V2N5MzQifQ.eyJtZXNzYWdlIjoidGVzdCJ9.dMvOGkfbRrjUJL7XYYAp1UxoHlt8J0N5_vRRLpTEHtQ4s8lwnMd0lhg7HiZVfvEyzk54f6J0CgTV5oHzVscdAA"
}
- 200
- 400
{- "payload": "string",
- "senderDidUrl": "did:web:organization.com#2vcj3MjR4d",
- "senderPublicJwk": { },
- "recipientDidUrl": "did:key:z6MkgmEkNM32vyFeMXcQA7AfQDznu47qHCZpy2AYH2Dtdu1d"
}
Send a message
Sends an encrypted JWM (JSON Web Messaging) format message to a service endpoint defined in a public DID document.
Analytic events
- MESSAGING_SEND_START
- MESSAGING_SEND_SUCCESS
- MESSAGING_SEND_FAIL
Request Body schema: application/json
Message sent
Error sending message
- Payload
- curl
- Node.js
- JavaScript
- Python
- C#
- Java
{- "to": "did:key:z6MkgmEkNM32vyFeMXcQA7AfQDznu47qHCZpy2AYH2Dtdu1d",
- "message": {
- "protected": "eyJhbGciOiJYQzIwUCJ9",
- "recipients": [
- {
- "header": {
- "alg": "ECDH-1PU+A256KW",
- "kid": "did:key:z6MkgmEkNM32vyFeMXcQA7AfQDznu47qHCZpy2AYH2Dtdu1d#z6LSsvqSJkBvVEsDC8cxMHuQ3sKoLRMXB1MdtoLrMUq6A8Rg",
- "epk": {
- "kty": "OKP",
- "crv": "X25519",
- "x": "kYsO02jWHATTJel6OpePqlkdDmKlE5VOr18UblgL8W0"
}, - "skid": "did:key:z6Mko4PvuwKzmjtaKTEV6ZhMSYqX5myTSe3L3Md4feiwCoua#z6LSkKk8HK73jYfUQRBHX3Qeb1Agv39qVNFn7n2PjRvjpPcy"
}, - "encryption_key": "n1VUf5SQdSFNtb8DHzYfJJ_lFhJcGDAPJWG8Y1W3d2qYyPzyxMhyaA"
}, - {
- "header": {
- "alg": "ECDH-1PU+A256KW",
- "kid": "did:key:z6MkgxxdrThaRd7HbeAA4pYEwAgKT6ZXy2aNTcPkmeF1yWHN#z6LSgDiT1CkducmcSPaq9E1Uj1qdSXBjsUNqqLQLrUu8EHWd",
- "epk": {
- "kty": "OKP",
- "crv": "X25519",
- "x": "P3jcIMPGK8thxyHxUsWB5fEsLnltJqRDWMNywtexk24"
}, - "skid": "did:key:z6Mko4PvuwKzmjtaKTEV6ZhMSYqX5myTSe3L3Md4feiwCoua#z6LSkKk8HK73jYfUQRBHX3Qeb1Agv39qVNFn7n2PjRvjpPcy"
}, - "encryption_key": "5ZOTqwj8NredkXEOp4ZDLL1ohRQqNTS508BTkLlUVCkDoYvizCIdrg"
}
], - "ciphertext": "Dl4zBqMeEDwcnyyc17nYvSQ048fcsha_Lm0dfer1nqfo5y8oHvD2VGNTp_lawNJMWCzQF3NDZxxKFz__wTUeHCqisCE_DWbjo_W-R3avzW9S-JFajv9NRtjlfd5yp-1TtD2N5d-8oTtMGdAxq3dftN2Od1xRe4stubJBebl3nf8-lG99DIVGdL8Y-D98kFDxnMxgCKn4RXyHnMowFWlhQCooLeYqo8aWjqVFkzuJzn-p47W7rV9BCuoVThhVuNkjQm_dhBrqu0QMpjJucz7OvOHp0mojdYNKwvWT6dfOVNXetMlKjWCGtCTNFaDTGLc4agdcTjAlaF1iedcVXDOLqVvEugXWGlusE3a68y6gmPnqHjXR6CsEfPwkb5hKKtsyrh1eHu_9UUang5o6N76mummVw4UZkDF6tP1PVGPvyctz82tthnOcjO5mZQG41xfMEMNxWtF8P8wCh4LotpdexXtYigzBgkI1Qoa_FK1czYWAUovysAJCTOZtmg==",
- "iv": "jSd3E-ElCHE-QhSDxrQ-Jv4eQhkxOj0s",
- "tag": "dbDolGVDdvYsYdn-vVrICw=="
}
}
- 400
{- "code": "string",
- "message": "string",
- "details": [
- {
- "value": "string",
- "msg": "Invalid value",
- "param": "id",
- "location": "body"
}
]
}