Online verification
Online verification is available for the following credential formats:
mDocs
mDocs can be verified online via the OID4VP specification workflow, as defined in ISO/IEC 18013-7. Refer to mDocs online verification workflow for more information.
The following standard checks are performed on all mDocs verification requests:
- Issuer IACA is valid.
- Digital signature is valid.
- Credential structure complies with ISO/IEC 18013-5.
The following checks are optional and defined as part of the verification request:
- Current time is after the beginning of the credential validity period.
- Current time is not after the end of the credential validity period.
- Credential has not been revoked.
Additional resources
JSON credentials
JSON credentials can be verified in one of two methods:
- Direct verification: Assumes you already have an out-of-band way of getting the credential from the holder, and you only need to verify it by making a request to a dedicated MATTR VII endpoint with the credential enclosed in the request body.
- Presentation verification: Use MATTR VII to create a presentation template, which details the information you wish to verify. Then, use this template to create a specific verification request from a specific holder. Presentation verification is only available for JSON credentials.
The following standard checks are performed on all JSON credentials verification requests, regardless of the verification method:
- Issuer DID can be used to resolve its DID document.
- Public key from issuer’s DID document validates the proof signature, confirming the credential has not been tampered with.
- JSON-LD context is valid for credential claims.
The following checks are optional and are defined as part of the verification request:
- Current time is after the beginning of the credential validity period.
- Current time is not after the end of the credential validity period.
- Credential has not been revoked.
Additional resources