light-mode-image
Learn
API ReferenceStatus list retrieval

Retrieve a Status list token

Analytics Events

MOBILE_CREDENTIAL_STATUS_LIST_TOKEN_RETRIEVE_STARTMOBILE_CREDENTIAL_STATUS_LIST_TOKEN_RETRIEVE_SUCCESSMOBILE_CREDENTIAL_STATUS_LIST_TOKEN_RETRIEVE_FAIL
GET/v2/credentials/mobile/status-lists/{statusListId}/token

Retrieves the Status list token in CWT format. This public endpoint returns a token which contains a compressed, signed list of credential statuses. Relying parties can use this token to check the revocation status of an mDoc that references this Status list.

This endpoint is intended for public consumption, and as such does not require authentication.

Token Format Differences:

The token structure depends on the Status List configuration format:

Draft 14 of the IETF Token Status List specification:

  • Token header typ: application/statuslist+cwt
  • CBOR payload claims: 65533 (status_list), 65534 (ttl)
  • Status encoding: 1-bit (Valid/Invalid)

Legacy format:

  • Token header typ: mattr-statuslist+cwt
  • CBOR payload claims: -65538 (status_list), -65539 (ttl)
  • Status encoding: 2-bit (Valid/Invalid/Suspended)

Analytic events

  • MOBILE_CREDENTIAL_STATUS_LIST_TOKEN_RETRIEVE_START
  • MOBILE_CREDENTIAL_STATUS_LIST_TOKEN_RETRIEVE_SUCCESS
  • MOBILE_CREDENTIAL_STATUS_LIST_TOKEN_RETRIEVE_FAIL

Path Parameters

statusListId*string

Status list identifier

Formatuuid

Response Body

application/cwt

application/json

application/json

curl -X GET "https://example.vii.au01.mattr.global/v2/credentials/mobile/status-lists/497f6eca-6276-4993-bfeb-53cbbbba6f08/token"
"string"
{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}
{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}

How would you rate this page?

Retrieve a Status list GET

<Callout type="warning"> **Deprecated.** In line with our SLA, this endpoint will be removed no earlier than 22 September 2026. To retrieve a Status list token, use the public [Retrieve a Status list token](#operation/getStatusListToken) endpoint (`GET /v2/credentials/mobile/status-lists/{statusListId}/token`), which returns the signed Status list token in CWT format. To discover the Status lists available on a tenant, use the public [Status list distribution](#operation/getStatusListDistribution) endpoint (`GET /v2/credentials/mobile/status-lists/distribution`). </Callout> Retrieves an existing Status list and its signed token by providing its ID. ### **Analytic events** * MOBILE_CREDENTIAL_STATUS_LIST_RETRIEVE_START * MOBILE_CREDENTIAL_STATUS_LIST_RETRIEVE_SUCCESS * MOBILE_CREDENTIAL_STATUS_LIST_RETRIEVE_FAIL

Status list distribution GET

Retrieves an object that details all existing Status lists tokens on the tenant. This public endpoint allows a relying party to consume and cache status lists. Each list in the response includes a URL where its token can be retrieved. Status list tokens that were signed by expired IACAs are excluded from the response. This endpoint is intended for public consumption, and as such does not require authentication. **Response Format Differences**: The response structure depends on the Status List configuration format: **Draft 14 of the IETF Token Status List specification**: `{"status_lists": ["https://..."]}` **Legacy format**: `{"status_lists": [{"uri": "https://..."}]}` ### **Analytic events** * MOBILE_CREDENTIAL_STATUS_LIST_DISTRIBUTION_START * MOBILE_CREDENTIAL_STATUS_LIST_DISTRIBUTION_SUCCESS * MOBILE_CREDENTIAL_STATUS_LIST_DISTRIBUTION_FAIL