Learn

OIDC Verifiers

Create an OIDC Verifier

Creates a new OIDC Credential Verifier on the tenant.

Once created, this OIDC Verifier is publicly available on its /.well-known/openid-configuration path. The Authorization header is not required as it is intended for OIDC Client applications to resolve.

Analytic events

  • OIDC_VERIFIER_CREATE_START
  • OIDC_VERIFIER_CREATE_SUCCESS
  • OIDC_VERIFIER_CREATE_FAIL
SecuritybearerAuth
Request
Request Body schema: application/json
required

The verifier payload

verifierDid
required
string

Specifies the DID where the verifiable presenation will be sent to.

presentationTemplateId
required
string <uuid>

References the unique idetnifier of a Presentation Request Template that will be used by this verifier to create presentation requests.

required
Array of objects

As part of verifying a credential, the OIDC client initiates the request expecting a standard OIDC ID Token. However, as the digital wallet provides the credential in JSON-LD terms, it is required to map JSON-LD claims to OpenID Connect terms.

  • Currently the platform only supports schema.org for data vocabularies.
  • Make sure to use http:// and not https:// when entering jsonLdFqn values for schema.org. Otherwise you may not get the claims returned in your ID Token.
  • Standard OIDC claims are available on the Common Credential to OIDC Claim mappings page, so you can just copy & paste into your payload.
includePresentation
boolean

When set to true, the generated id_token will include the original presentation from the wallet.

Responses
201

OIDC Verifier created

400

Bad Request

post/ext/oidc/v1/verifiers
Request samples
application/json
{
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}
Response samples
application/json
{
  • "id": "41458e5a-9092-40b7-9a26-d4eb43c5792f",
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}

Retrieve all OIDC Verifiers

Returns a list of all OIDC Verifiers on the tenant.

Analytic events

  • OIDC_VERIFIER_RETRIEVE_LIST_START
  • OIDC_VERIFIER_RETRIEVE_LIST_SUCCESS
  • OIDC_VERIFIER_RETRIEVE_LIST_FAIL
SecuritybearerAuth
Request
query Parameters
limit
number [ 1 .. 1000 ]

Range size of returned verifier entries, default 100

Example: limit=2
cursor
string

Starting point for the range of verifier entries

Example: cursor=Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1h
Responses
200

OIDC Verifiers retrieved

400

Bad Request

get/ext/oidc/v1/verifiers
Request samples 
Response samples 
application/json
{
  • "nextCursor": "Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1hNjZmZmVhNS04NDhlLTQzOWQtODBhNC1kZGE1NWY1M2UzNmM",
  • "data": {
    }
}
Retrieve an OIDC Verifier
Retrieves an existing OIDC Verifier by providing its ID.


Analytic events


    

  • OIDC_VERIFIER_RETRIEVE_START
    • 

  • OIDC_VERIFIER_RETRIEVE_SUCCESS
    • 

  • OIDC_VERIFIER_RETRIEVE_FAIL
    • 



SecuritybearerAuth 
Request 
path Parameters
id
required
string <uuid> 
Verifier ID


 
 Example:  41458e5a-9092-40b7-9a26-d4eb43c5792f
Responses 
200
OIDC Verifier retrieved


400
Bad Request


404
OIDC Verifier not found


get/ext/oidc/v1/verifiers/{id}
Request samples 
Response samples 
application/json
{
  • "id": "41458e5a-9092-40b7-9a26-d4eb43c5792f",
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}
Update an OIDC Verifier
Updates an existing OIDC Verifier by providing its ID.


Analytic events


    

  • OIDC_VERIFIER_UPDATE_START
    • 

  • OIDC_VERIFIER_UPDATE_SUCCESS
    • 

  • OIDC_VERIFIER_UPDATE_FAIL
    • 



SecuritybearerAuth 
Request 
path Parameters
id
required
string <uuid> 
Verifier ID


 
 Example:  41458e5a-9092-40b7-9a26-d4eb43c5792f
Request Body schema: application/json
required
Update a verifier


verifierDid
required
string
Specifies the DID where the verifiable presenation will be sent to.


 
presentationTemplateId
required
string <uuid> 
References the unique idetnifier of a Presentation Request Template that will be used by this verifier to create presentation requests.


 
required
Array of objects
As part of verifying a credential, the OIDC client initiates the request expecting a standard OIDC ID Token. However, as the digital wallet provides the credential in JSON-LD terms, it is required to map JSON-LD claims to OpenID Connect terms.


    

  • Currently the platform only supports schema.org for data vocabularies.
    • 

  • Make sure to use http:// and not https:// when entering jsonLdFqn values for schema.org. Otherwise you may not get the claims returned in your ID Token.
    • 

  • Standard OIDC claims are available on the Common Credential to OIDC Claim mappings page, so you can just copy & paste into your payload.
    • 



 
includePresentation
boolean
When set to true, the generated id_token will include the original presentation from the wallet.


 
Responses 
200
OIDC Verifier updated


400
Bad Request


404
OIDC Verifier not found


put/ext/oidc/v1/verifiers/{id}
Request samples 
application/json
{
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}
Response samples 
application/json
{
  • "id": "41458e5a-9092-40b7-9a26-d4eb43c5792f",
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}
Delete an OIDC Verifier
Deletes an existing OIDC Verifier by providing its ID.


Analytic events


    

  • OIDC_VERIFIER_DELETE_START
    • 

  • OIDC_VERIFIER_DELETE_SUCCESS
    • 

  • OIDC_VERIFIER_DELETE_FAIL
    • 



SecuritybearerAuth 
Request 
path Parameters
id
required
string <uuid> 
Verifier ID


 
 Example:  41458e5a-9092-40b7-9a26-d4eb43c5792f
Responses 
204
OIDC Verifier deleted


400
Bad Request


404
OIDC Verifier not found


delete/ext/oidc/v1/verifiers/{id}
Request samples 
Response samples 
application/json
{
  • "code": "BadRequest",
  • "message": "Validation Error",
  • "details": [
    ]
}
➔ Next to OIDC Verifier Client