Online verification

mDocs

mDocs can be verified online via the OID4VP specification workflow, as defined in ISO/IEC 18013-7. Refer to mDocs online verification workflow for more information.

The following standard checks are performed on all mDocs verification requests:

• Issuer IACA is valid.
• Digital signature is valid.
• Credential structure complies with ISO/IEC 18013-5.

The following checks are optional and defined as part of the verification request:

• Current time is after the beginning of the credential validity period.
• Current time is not after the end of the credential validity period.
• Credential has not been revoked.

Additional resources

Implementation

Guides

API Reference

SDK Docs

JSON credentials

JSON credentials can be verified in one of two methods:

• Direct verification: Assumes you already have an out-of-band way of getting the credential from the holder, and you only need to verify it by making a request to a dedicated MATTR VII endpoint with the credential enclosed in the request body.
• Presentation verification: Use MATTR VII to create a presentation template, which details the information you wish to verify. Then, use this template to create a specific verification request from a specific holder. Presentation verification is only available for JSON credentials.

The following standard checks are performed on all JSON credentials verification requests, regardless of the verification method:

• Issuer DID can be used to resolve its DID document.
• Public key from issuer’s DID document validates the proof signature, confirming the credential has not been tampered with.
• JSON-LD context is valid for credential claims.

The following checks are optional and are defined as part of the verification request:

• Current time is after the beginning of the credential validity period.
• Current time is not after the end of the credential validity period.
• Credential has not been revoked.

Additional resources

Guides

API Reference