MATTR Learn

Verifies the signature of a provided JWS (JSON Web Signature), validating that the payload has not been tampered with and verifying that the kid in the JWS header is the same as the iss value in the Request Object.

One use case for verifying a JWS with a DID is when the Mobile Wallet App sends a Request Object to an OpenID Provider as part of the Authorization Code Flow (as per https://openid.net/specs/openid-connect-core-1_0-final.html#RequestObject). The Request Object is wrapped in a JWS with a signature that is generated from the Subject DID on the mobile app. Therefore verifying the JWS proves that the mobile app has access to the private key of the Subject DID.

Analytics Events

MESSAGING_VERIFY_STARTMESSAGING_VERIFY_SUCCESSMESSAGING_VERIFY_FAIL

Roles

adminissuer

POST/v1/messaging/verify

Authorization

AuthorizationBearer <token>

In: header

Request Body

Provide the JWS to verify

jws?string

JWS (JSON Web Siganture) in its compact form.

Response Body

curl -X POST "https://example.vii.au01.mattr.global/v1/messaging/verify" \
  -H "Content-Type: application/json" \
  -d '{
    "jws": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
  }'

curl -X POST "https://example.vii.au01.mattr.global/v1/messaging/verify" \  -H "Content-Type: application/json" \  -d '{    "jws": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"  }'

{
  "payload": "payload",
  "didUrl": "did:web:organization.com#2vcj3MjR4d",
  "did": "did:web:organization.com",
  "verified": true,
  "signerPublicJwk": {
    "kty": "OKP",
    "crv": "Ed25519",
    "x": "oQvDM6MvUdcgRCqKGJOgteRC9U06_x7bFtY0T-MJ1rQ"
  }
}

{
  "code": "BadRequest",
  "message": "Verification failed"
}

Verify a message