Verification request signers

Specifies paths and operations for managing Verification request signers.

Create a Verification request signer

Creates a Verification request signer.

Only available in implementations using unmanaged (external) Verifier root CA certificates.
A maximum of five Verification request signers can be created per tenant.
Analytic events

CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_CREATE_START
CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_CREATE_SUCCESS
CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_CREATE_FAIL

Roles: ["admin","verifier"]

SecuritybearerAuth

Request

Request Body schema: application/json

caId

required

string <uuid>

Internal identifier of the Verifier root CA certificate that will be used for signing the Verification request signer.

Must be an unmanaged (external) Verifier root CA certificate.

Responses

201

Verification request signer created

400

Bad Request. The request was malformed or missing required parameters.

404

Not Found. The specified resource was not found.

post/v2/presentations/certificates/verifier-signers

Request samples

application/json

{"caId": "b0aae560-10e7-4247-8e96-7cdd3578a1e2"
}

Response samples

application/json

{"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"csrPem": "-----BEGIN CERTIFICATE REQUEST-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE REQUEST-----",
"caId": "b0aae560-10e7-4247-8e96-7cdd3578a1e2",
"active": false
}

Retrieve all Verification request signers

Retrieves all Verification request signers.

Analytic events

CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_LIST_START
CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_LIST_SUCCESS
CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_LIST_FAIL

Roles: ["admin","verifier"]

SecuritybearerAuth

Request

query Parameters

limit	number [ 1 .. 1000 ] Default: 100 Range size of returned list. Example: limit=2
cursor	string Starting point for the list of entries. Example: cursor=Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1h

Responses

200

Verification request signers retrieved

400

Bad Request. The request was malformed or missing required parameters.

get/v2/presentations/certificates/verifier-signers

Request samples

Response samples

application/json

{"data": [{"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {"commonName": "example.com",
"country": "US",
"notAfter": "2024-10-22T00:00:00Z",
"notBefore": "2023-10-22T00:00:00Z"
}
}
],
"nextCursor": "Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1hNjZmZmVhNS04NDhlLTQzOWQtODBhNC1kZGE1NWY1M2UzNmM"
}

Update a Verification request signer

Updates a Verification request signer by:

Providing a Verification Request Signer Certificate (VRSC) in PEM format that matches its Certificate Signing Request (CSR).
Activating or deactivating the VRSC signer. Only VRSC signers with a valid PEM certificate can be activated.
The certificatePem field becomes immutable after it's updated for the first time.

Only available in implementations using unmanaged (external) Verifier root CA certificates.

Analytic events

CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_UPDATE_START
CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_UPDATE_SUCCESS
CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_UPDATE_FAIL

Roles: ["admin","verifier"]

SecuritybearerAuth

Request

path Parameters

verifierSignerId

required

string <uuid>

Unique identifier of the Verification request signer.

Example: b0aae560-10e7-4247-8e96-7cdd3578a1e2

Request Body schema: application/json

active required	boolean Indicates if the Verification request signer is active. Only active Verification request signers can be used for signing verification requests.
certificatePem	string Verification Request Signer Certificate (VRSC) in PEM format.

Responses

200

Verification request signer updated

400

Bad Request. The request was malformed or missing required parameters.

404

Not Found. The specified resource was not found.

put/v2/presentations/certificates/verifier-signers/{verifierSignerId}

Request samples

application/json

{"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----"
}

Response samples

application/json

{"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {"commonName": "example.com",
"country": "US",
"notAfter": "2024-10-22T00:00:00Z",
"notBefore": "2023-10-22T00:00:00Z"
}
}

Delete a Verification request signer

Deletes a Verification request signer.

Only available in implementations using unmanaged (external) Verifier root CA certificates.

Analytic events

CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_DELETE_START
CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_DELETE_SUCCESS
CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_DELETE_FAIL

Roles: ["admin","verifier"]

SecuritybearerAuth

Request

path Parameters

verifierSignerId

required

string <uuid>

Unique identifier of the Verification request signer.

Example: b0aae560-10e7-4247-8e96-7cdd3578a1e2

Responses

204

Verification request signer deleted

400

Bad Request. The request was malformed or missing required parameters.

404

Not Found. The specified resource was not found.

delete/v2/presentations/certificates/verifier-signers/{verifierSignerId}

Request samples

Response samples

application/json

{"code": "string",
"message": "string",
"details": [{"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}

Retrieve a Verification request signer

Retrieves a Verification request signer.

Analytic events

CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_START
CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_SUCCESS
CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_FAIL

Roles: ["admin","verifier"]

SecuritybearerAuth

Request

path Parameters

verifierSignerId

required

string <uuid>

Unique identifier of the Verification request signer.

Example: b0aae560-10e7-4247-8e96-7cdd3578a1e2

Responses

200

Verification request signer retrieved

404

Not Found. The specified resource was not found.

get/v2/presentations/certificates/verifier-signers/{verifierSignerId}

Request samples

Response samples

application/json

{"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {"commonName": "example.com",
"country": "US",
"notAfter": "2024-10-22T00:00:00Z",
"notBefore": "2023-10-22T00:00:00Z"
}
}

➔ Next to Apple Identity Access certificates