light-mode-image
Learn
API ReferenceSemantic CWT

Verify a Semantic CWT credential

Roles

adminverifier

Analytics Events

CREDENTIAL_COMPACT_SEMANTIC_VERIFY_STARTCREDENTIAL_COMPACT_SEMANTIC_VERIFY_SUCCESSCREDENTIAL_COMPACT_SEMANTIC_VERIFY_FAIL
POST/v2/credentials/compact-semantic/verify

Verify a Semantic CWT credential by providing the encoded payload and specifying verification options.

You can provide a valid Semantic CWT credential as either an encoded string or a QR code in a PDF document or an image file.

Standard checks performed on all verification requests:

  • Conformance of the string and encoded data. All string representations of CWT credentials must be prefixed with CSC/1.
  • Decoded payload CWT structure and attributes can be validated.
  • Remote context schema can be resolved and validate claims can be dereferenced.
  • Issuer DID can be used to resolve its did.json document.
  • Public key from issuer's did.json document validates the proof signature, confirming the credential has not been tampered with.

Optional parameter checks:

  • Credential was issued by a trusted issuer.
  • Current time is after the beginning of the credential validity period.
  • Current time is not after the end of the credential validity period.
  • Credential has not been revoked.

Analytic events

  • CREDENTIAL_COMPACT_SEMANTIC_VERIFY_START
  • CREDENTIAL_COMPACT_SEMANTIC_VERIFY_SUCCESS
  • CREDENTIAL_COMPACT_SEMANTIC_VERIFY_FAIL

Authorization

bearerAuth
AuthorizationBearer <token>

In: header

Request Body

payload*string

The Semantic CWT credential to verify, represented as an encoded string.

trustedIssuers?array<>

When you include issuers' DIDs in this array, credentials will only be verified if their iss value matches one of these DIDs. You can include multiple trusted issuers, separated by commas.

assertValidFrom?boolean

MATTR VII validates the credential's nbf (not before) field by default, so that credentials that have a future nbf date will not be verified. When this field is set to false, credentials can be verified even when their nbf date is in the future.

Defaulttrue
assertValidUntil?boolean

MATTR VII validates the credential's exp (expiry) field by default, so that expired credentials will not be verified. When this field is set to false, credentials can be verified even when their exp date has passed.

Defaulttrue
checkRevocation?boolean

MATTR VII checks the credential revocation status by default, so that revoked credentials will not be verified. When this field is set to false, credentials can be verified even when they had been revoked.

Defaulttrue

Response Body

application/json

application/json

curl -X POST "https://example.vii.au01.mattr.global/v2/credentials/compact-semantic/verify" \  -H "Content-Type: application/json" \  -d '{    "payload": "CSS:/1/2KCE3IQEJB5DCMSLN5KWKZABE2QFRMFEAF4CIZDJMQ5HOZLCHIYDGOJUFUYTENJNGIZTOLJVGIWTCMJQFZXGO4TPNMXGS33COZR2G2CAMNXW45DFPB2IC6BGNB2HI4DTHIXS653XO4XHOMZON5ZGOLZSGAYTQL3DOJSWIZLOORUWC3DTF53DCZDUPFYGLALUKZSXE2LGNFQWE3DFINZGKZDFNZ2GSYLMOFRXEZLEMVXHI2LBNRJXKYTKMVRXJILENZQW2ZLEJJXWQ3QH3BAFAW2MIRFQDICFCSNL5EIX4IISCEIFDJRFHCRRLBALWFYDLUVEKXHERNWHUDGJI3DDNNXSFWIRHUASBHGB2I7UHGPZMJEB3SMOFMBL3PABL5HUFSQLLGNE7YRKSAM3OAQN7F4LG365HL67BU"  }'

{
  "verified": false,
  "reason": [
    {
      "type": "IssuerNotTrusted",
      "msg": "..."
    }
  ],
  "decoded": {
    "jti": "urn:uuid:03ae824d-7179-4c01-aa29-f80ba93122d2",
    "iss": "did:web:xxx",
    "nbf": 1649037604,
    "vc": {
      "@context": [
        "https://www.w3.org/2018/credentials/v1",
        "https://example.com/credentials/pass"
      ],
      "type": [
        "VerifiableCredential",
        "PublicCovidPass"
      ],
      "credentialSubject": {
        "givenName": "Jack",
        "familyName": "Sparrow",
        "dob": "1979-04-14"
      }
    }
  }
}

{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}
Empty
Empty

How would you rate this page?

Verify a CWT credential POST

Verify a CWT credential by providing the encoded payload and specifying verification options. You can provide a valid CWT credential as either an encoded string or a QR code in a PDF document or an image file. Standard checks performed on all verification requests: - Conformance of the string and encoded data. All string representations of CWT credentials must be prefixed with `CSC/1`. - Decoded payload structure is a valid CWT credential. - Issuer DID can be used to resolve its `did.json` document. - Public key from issuer's `did.json` document validates the proof signature, confirming the credential has not been tampered with. Optional parameter checks: - Credential was issued by a trusted issuer. - Current time is after the beginning of the credential validity period. - Current time is not after the end of the credential validity period. - Credential has not been revoked. ### **Analytic events** * CREDENTIAL_COMPACT_VERIFY_START * CREDENTIAL_COMPACT_VERIFY_SUCCESS * CREDENTIAL_COMPACT_VERIFY_FAIL

Verify a JSON credential POST

Verify a JSON credential by providing its payload. The credential is verified against the following criteria: - Issuer DID can be resolved, so that the referenced DID Document is available and valid and the public key is obtainable. - Proof is valid and the credential has not been tampered with. - JSON-LD context is valid for subject claims. Optional verification checks: - If `assertExpiry` is set to `true` and the credential has a set expiration date, verification will fail if the expiration date has passed. - If `checkRevocation` is set to `true` and the provided credential contains a revocation status list, verification will fail if the credential has been set to `revoked`. ### **Analytic events** * CREDENTIAL_WEB_SEMANTIC_VERIFY_START * CREDENTIAL_WEB_SEMANTIC_VERIFY_SUCCESS * CREDENTIAL_WEB_SEMANTIC_VERIFY_FAIL