light-mode-image
Learn
API ReferenceMessaging

Verify a message

Roles

adminissuermanaged-issuer

Analytics Events

MESSAGING_VERIFY_STARTMESSAGING_VERIFY_SUCCESSMESSAGING_VERIFY_FAIL
POST/v1/messaging/verify

Verifies the signature of a provided JWS (JSON Web Signature), validating that the payload has not been tampered with and verifying that the kid in the JWS header is the same as the iss value in the Request Object.

One use case for verifying a JWS with a DID is when the Mobile Wallet App sends a Request Object to an OpenID Provider as part of the Authorization Code Flow (as per https://openid.net/specs/openid-connect-core-1_0-final.html#RequestObject). The Request Object is wrapped in a JWS with a signature that is generated from the Subject DID on the mobile app. Therefore verifying the JWS proves that the mobile app has access to the private key of the Subject DID.

Analytic events

  • MESSAGING_VERIFY_START
  • MESSAGING_VERIFY_SUCCESS
  • MESSAGING_VERIFY_FAIL

Authorization

bearerAuth
AuthorizationBearer <token>

In: header

Request Body

application/json

Provide the JWS to verify

jws?string

JWS (JSON Web Siganture) in its compact form.

Response Body

application/json

application/json

curl -X POST "https://example.vii.au01.mattr.global/v1/messaging/verify" \  -H "Content-Type: application/json" \  -d '{    "jws": "EXAMPLE_JWS_TOKEN_eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"  }'

{
  "payload": "payload",
  "didUrl": "did:web:organization.com#2vcj3MjR4d",
  "did": "did:web:organization.com",
  "verified": true,
  "signerPublicJwk": {
    "kty": "OKP",
    "crv": "Ed25519",
    "x": "oQvDM6MvUdcgRCqKGJOgteRC9U06_x7bFtY0T-MJ1rQ"
  }
}

{
  "code": "BadRequest",
  "message": "Verification failed"
}

How would you rate this page?

Sign a message POST

Accepts a message payload and signs it with a JWS (JSON Web Signature) using the a specific key from the DID (Decentralized Identifier) provided in the request. ### **Analytic events** * MESSAGING_SIGN_START * MESSAGING_SIGN_SUCCESS * MESSAGING_SIGN_FAIL

Encrypt a message POST

Encrypts the provided payload using into a JWM (JSON Web Message) format. ### **Analytic events** * MESSAGING_ENCRYPT_START * MESSAGING_ENCRYPT_SUCCESS * MESSAGING_ENCRYPT_FAIL