OIDC Verifiers

Create an OIDC Verifier

Creates a new OIDC Credential Verifier on the tenant.

Once created, this OIDC Verifier is publicly available on its /.well-known/openid-configuration path. The Authorization header is not required as it is intended for OIDC Client applications to resolve.

Analytic events

  • OIDC_VERIFIER_CREATE_START
  • OIDC_VERIFIER_CREATE_SUCCESS
  • OIDC_VERIFIER_CREATE_FAIL
SecuritybearerAuth
Request
Request Body schema: application/json
required

The verifier payload

verifierDid
required
string

Specifies the DID where the verifiable presentation will be sent to.

presentationTemplateId
required
string <uuid>

References the unique identifier of a Presentation Request Template that will be used by this verifier to create presentation requests.

required
Array of objects

As part of verifying a credential, the OIDC client initiates the request expecting a standard OIDC ID Token. However, as the digital wallet provides the credential in JSON-LD terms, it is required to map JSON-LD claims to OpenID Connect terms.

  • Currently the platform only supports schema.org for data vocabularies.
  • Make sure to use http:// and not https:// when entering jsonLdFqn values for schema.org. Otherwise you may not get the claims returned in your ID Token.
  • Standard OIDC claims are available on the Common Credential to OIDC Claim mappings page, so you can just copy & paste into your payload.
includePresentation
boolean

When set to true, the generated id_token will include the original presentation from the wallet.

Responses
201

OIDC Verifier created

400

Bad Request

post/ext/oidc/v1/verifiers
Request samples
application/json
{
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}
Response samples
application/json
{
  • "id": "41458e5a-9092-40b7-9a26-d4eb43c5792f",
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}

Retrieve all OIDC Verifiers

Returns a list of all OIDC Verifiers on the tenant.

Analytic events

  • OIDC_VERIFIER_RETRIEVE_LIST_START
  • OIDC_VERIFIER_RETRIEVE_LIST_SUCCESS
  • OIDC_VERIFIER_RETRIEVE_LIST_FAIL
SecuritybearerAuth
Request
query Parameters
limit
number [ 1 .. 1000 ]

Range size of returned verifier entries, default 100

Example: limit=2
cursor
string

Starting point for the range of verifier entries

Example: cursor=Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1h
Responses
200

OIDC Verifiers retrieved

400

Bad Request

get/ext/oidc/v1/verifiers
Request samples
Response samples
application/json
{
  • "nextCursor": "Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1hNjZmZmVhNS04NDhlLTQzOWQtODBhNC1kZGE1NWY1M2UzNmM",
  • "data": {
    }
}

Retrieve an OIDC Verifier

Retrieves an existing OIDC Verifier by providing its ID.

Analytic events

  • OIDC_VERIFIER_RETRIEVE_START
  • OIDC_VERIFIER_RETRIEVE_SUCCESS
  • OIDC_VERIFIER_RETRIEVE_FAIL
SecuritybearerAuth
Request
path Parameters
id
required
string <uuid>

Verifier ID

Example: 41458e5a-9092-40b7-9a26-d4eb43c5792f
Responses
200

OIDC Verifier retrieved

400

Bad Request

404

OIDC Verifier not found

get/ext/oidc/v1/verifiers/{id}
Request samples
Response samples
application/json
{
  • "id": "41458e5a-9092-40b7-9a26-d4eb43c5792f",
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}

Update an OIDC Verifier

Updates an existing OIDC Verifier by providing its ID.

Analytic events

  • OIDC_VERIFIER_UPDATE_START
  • OIDC_VERIFIER_UPDATE_SUCCESS
  • OIDC_VERIFIER_UPDATE_FAIL
SecuritybearerAuth
Request
path Parameters
id
required
string <uuid>

Verifier ID

Example: 41458e5a-9092-40b7-9a26-d4eb43c5792f
Request Body schema: application/json
required

Update a verifier

verifierDid
required
string

Specifies the DID where the verifiable presentation will be sent to.

presentationTemplateId
required
string <uuid>

References the unique identifier of a Presentation Request Template that will be used by this verifier to create presentation requests.

required
Array of objects

As part of verifying a credential, the OIDC client initiates the request expecting a standard OIDC ID Token. However, as the digital wallet provides the credential in JSON-LD terms, it is required to map JSON-LD claims to OpenID Connect terms.

  • Currently the platform only supports schema.org for data vocabularies.
  • Make sure to use http:// and not https:// when entering jsonLdFqn values for schema.org. Otherwise you may not get the claims returned in your ID Token.
  • Standard OIDC claims are available on the Common Credential to OIDC Claim mappings page, so you can just copy & paste into your payload.
includePresentation
boolean

When set to true, the generated id_token will include the original presentation from the wallet.

Responses
200

OIDC Verifier updated

400

Bad Request

404

OIDC Verifier not found

put/ext/oidc/v1/verifiers/{id}
Request samples
application/json
{
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}
Response samples
application/json
{
  • "id": "41458e5a-9092-40b7-9a26-d4eb43c5792f",
  • "verifierDid": "did:key:z6MkrYVmyqSA93o4B1GwERM8kaQDMAUKAFV2TC3weQKeg9Gq",
  • "presentationTemplateId": "364b6a1b-3600-4927-a6ac-4d66aa6bbac3",
  • "claimMappings": [],
  • "includePresentation": true
}

Delete an OIDC Verifier

Deletes an existing OIDC Verifier by providing its ID.

Analytic events

  • OIDC_VERIFIER_DELETE_START
  • OIDC_VERIFIER_DELETE_SUCCESS
  • OIDC_VERIFIER_DELETE_FAIL
SecuritybearerAuth
Request
path Parameters
id
required
string <uuid>

Verifier ID

Example: 41458e5a-9092-40b7-9a26-d4eb43c5792f
Responses
204

OIDC Verifier deleted

400

Bad Request

404

OIDC Verifier not found

delete/ext/oidc/v1/verifiers/{id}
Request samples
Response samples
application/json
{
  • "code": "BadRequest",
  • "message": "Validation Error",
  • "details": [
    ]
}