Learn

OIDC Verifiers

Specifies paths and operations for managing OIDC Verifiers.

Create an OIDC Verifier

Creates a new OIDC Credential Verifier on the tenant.

Once created, this OIDC Verifier is publicly available on its /.well-known/openid-configuration path. The Authorization header is not required as it is intended for OIDC Client applications to resolve.

Analytic events

  • OIDC_VERIFIER_CREATE_START
  • OIDC_VERIFIER_CREATE_SUCCESS
  • OIDC_VERIFIER_CREATE_FAIL
Roles: ["Admin","Verifier"]
SecuritybearerAuth
Request
Request Body schema: application/json
required

The verifier payload

verifierDid
required
string

Specifies the DID where the verifiable presentation will be sent to.

presentationTemplateId
required
string <uuid>

References the unique identifier of a Presentation Request Template that will be used by this verifier to create presentation requests.

required
Array of objects

As part of verifying a credential, the OIDC client initiates the request expecting a standard OIDC ID Token. However, as the digital wallet provides the credential in JSON-LD terms, it is required to map JSON-LD claims to OpenID Connect terms.

  • Currently the platform only supports schema.org for data vocabularies.
  • Make sure to use http:// and not https:// when entering jsonLdFqn values for schema.org. Otherwise you may not get the claims returned in your ID Token.
  • Standard OIDC claims are available on the Common Credential to OIDC Claim mappings page, so you can just copy & paste into your payload.
includePresentation
boolean

When set to true, the generated id_token will include the original presentation from the wallet.

Responses
201

OIDC Verifier created

400

Bad Request. The request was malformed or missing required parameters.

post/ext/oidc/v1/verifiers
Request samples
application/json
{
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}
Response samples
application/json
{
  • "id": "41458e5a-9092-40b7-9a26-d4eb43c5792f",
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}

Retrieve all OIDC Verifiers

Returns a list of all OIDC Verifiers on the tenant.

Analytic events

  • OIDC_VERIFIER_RETRIEVE_LIST_START
  • OIDC_VERIFIER_RETRIEVE_LIST_SUCCESS
  • OIDC_VERIFIER_RETRIEVE_LIST_FAIL
Roles: ["Admin","Verifier"]
SecuritybearerAuth
Request
query Parameters
limit
number [ 1 .. 1000 ]
Default: 100

Range size of returned list.

Example: limit=2
cursor
string

Starting point for the list of entries.

Example: cursor=Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1h
Responses
200

OIDC Verifiers retrieved

400

Bad Request. The request was malformed or missing required parameters.

get/ext/oidc/v1/verifiers
Request samples 
Response samples 
application/json
{
  • "nextCursor": "Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1hNjZmZmVhNS04NDhlLTQzOWQtODBhNC1kZGE1NWY1M2UzNmM",
  • "data": {
    }
}
Retrieve an OIDC Verifier
Retrieves an existing OIDC Verifier by providing its ID.


Analytic events


    

  • OIDC_VERIFIER_RETRIEVE_START
    • 

  • OIDC_VERIFIER_RETRIEVE_SUCCESS
    • 

  • OIDC_VERIFIER_RETRIEVE_FAIL
    • 



Roles:  ["Admin","Verifier"]
SecuritybearerAuth 
Request 
path Parameters
id
required
string <uuid> 
Verifier ID


 
 Example:  41458e5a-9092-40b7-9a26-d4eb43c5792f
Responses 
200
OIDC Verifier retrieved


400
Bad Request. The request was malformed or missing required parameters.


404
Not Found. The specified resource was not found.


get/ext/oidc/v1/verifiers/{id}
Request samples 
Response samples 
application/json
{
  • "id": "41458e5a-9092-40b7-9a26-d4eb43c5792f",
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}
Update an OIDC Verifier
Updates an existing OIDC Verifier by providing its ID.


Analytic events


    

  • OIDC_VERIFIER_UPDATE_START
    • 

  • OIDC_VERIFIER_UPDATE_SUCCESS
    • 

  • OIDC_VERIFIER_UPDATE_FAIL
    • 



Roles:  ["Admin","Verifier"]
SecuritybearerAuth 
Request 
path Parameters
id
required
string <uuid> 
Verifier ID


 
 Example:  41458e5a-9092-40b7-9a26-d4eb43c5792f
Request Body schema: application/json
required
Update a verifier


verifierDid
required
string
Specifies the DID where the verifiable presentation will be sent to.


 
presentationTemplateId
required
string <uuid> 
References the unique identifier of a Presentation Request Template that will be used by this verifier to create presentation requests.


 
required
Array of objects
As part of verifying a credential, the OIDC client initiates the request expecting a standard OIDC ID Token. However, as the digital wallet provides the credential in JSON-LD terms, it is required to map JSON-LD claims to OpenID Connect terms.


    

  • Currently the platform only supports schema.org for data vocabularies.
    • 

  • Make sure to use http:// and not https:// when entering jsonLdFqn values for schema.org. Otherwise you may not get the claims returned in your ID Token.
    • 

  • Standard OIDC claims are available on the Common Credential to OIDC Claim mappings page, so you can just copy & paste into your payload.
    • 



 
includePresentation
boolean
When set to true, the generated id_token will include the original presentation from the wallet.


 
Responses 
200
OIDC Verifier updated


400
Bad Request. The request was malformed or missing required parameters.


404
Not Found. The specified resource was not found.


put/ext/oidc/v1/verifiers/{id}
Request samples 
application/json
{
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}
Response samples 
application/json
{
  • "id": "41458e5a-9092-40b7-9a26-d4eb43c5792f",
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}
Delete an OIDC Verifier
Deletes an existing OIDC Verifier by providing its ID.


Analytic events


    

  • OIDC_VERIFIER_DELETE_START
    • 

  • OIDC_VERIFIER_DELETE_SUCCESS
    • 

  • OIDC_VERIFIER_DELETE_FAIL
    • 



Roles:  ["Admin","Verifier"]
SecuritybearerAuth 
Request 
path Parameters
id
required
string <uuid> 
Verifier ID


 
 Example:  41458e5a-9092-40b7-9a26-d4eb43c5792f
Responses 
204
OIDC Verifier deleted


400
Bad Request


404
OIDC Verifier not found


delete/ext/oidc/v1/verifiers/{id}
Request samples 
Response samples 
application/json
{
  • "code": "BadRequest",
  • "message": "Validation Error",
  • "details": [
    ]
}
➔ Next to OIDC Verifier Client