light-mode-image
Learn
DC API

How to build an Android application that can present a credential via the DC API

Digital Credentials (DC) API support is currently offered as a tech preview. The DC API specification itself is still under active development in the W3C Web Incubator CG, and platform implementations continue to evolve. As such, functionality may be limited, may not work in all scenarios, and could change or break without prior notice as browsers and operating systems update their implementations.

Overview

This guide demonstrates how to use the Holder SDK to build an Android application that can present a claimed mDoc to a verifier remotely via the DC API, as per Annex D of ISO/IEC 18013-7:2025.

Prerequisites

Application base

This guide builds on the knowledge gained in the Claim a credential and Remote presentation tutorials.

It is recommended to complete those tutorials first, then return here to add support for the DC API workflow.

Testing Devices

  • Mobile device:
    • Android device running Android 14 or later.
    • The device must have a holder application with claimed credentials set up as per the Claim a credential tutorial and support for the DC API enabled as per the instructions in this guide.
  • Desktop device with a web browser that supports the DC API:
    • Chrome or a Chromium based browser v138 or later.
    • Safari v26 or later.

How it works

The DC API is a browser standard that enables web applications to request and verify digital credentials directly from compatible wallet applications on the user's device. This provides a seamless user experience where credential presentation happens entirely within the browser context.

From a holder application point of view, there are several changes required to support remote presentations via the DC API compared to the standard OID4VP remote presentation workflow:

  • When the DC API feature is enabled upon initialization, all claimed credentials are automatically registered with the Digital Credentials Manager (DCM), making them available when a website requests credentials of matching types.
  • When a user selects to present a credential from the holder application, the SDK handles the entire interaction in the background by:
    • Receiving the presentation request from the operating system via the DCM.
    • Locating the requested credential.
    • Authenticating the user via the operating system's native authentication mechanisms (fingerprint recognition, face recognition, or PIN code as defined for the credential).
    • Creating and returning the credential presentation to the DCM, which then continues the interaction with the browser without the holder application needing to be directly involved in the process.

Adjusting your mobile application to support remote presentations via the DC API

The Holder SDK handles most of the complexity of the DC API workflow internally. You will have to make the following adjustments to enable it in your application:

  1. Initialize the SDK with support for the DC API enabled.
  2. Handle callbacks for verifier authentication (optional).

Initialize the SDK with support for the DC API enabled

When you initialize the SDK with the DC API feature enabled, the SDK automatically:

  • Registers your application as a credential provider with the Android operating system
  • Registers all claimed credentials with the Digital Credentials Manager (DCM)
  • Handles incoming presentation requests

Adjust your SDK initialization code to enable DC API support by setting the enabled flag to true in the DcmConfiguration:

Initializing the SDK with DC API support enabled
MobileCredentialHolder.getInstance().initialize(
    context, 
    dcmConfiguration = DcmConfiguration(enabled = true)
)

Handle verifier authentication results (optional)

The SDK provides an API to detect if the Verifier can be trusted. This is an optional step as the SDK will handle the presentation flow and user authentication with the operating system in the background without any involvement from the app. However, if your application has specific requirements around when verifier authentication should be required, you can use this API to enforce that.

Perform the following steps to implement verifier authentication in your application:

  1. Add the following intent filter in your application's AndroidManifest.xml file to allow it to receive the verifier authentication result from the SDK:
AndroidManifest.xml
<intent-filter>
    <action android:name="global.mattr.credentialmanager.action.CONFIRMATION" />
    <category android:name="android.intent.category.DEFAULT" />
</intent-filter>

<intent-filter>
    <action android:name="global.mattr.credentialmanager.action.ERROR" />
    <category android:name="android.intent.category.DEFAULT" />
</intent-filter>

These are both optional intent filters. The first one allows your application to receive the verifier authentication result when the verifier is trusted or untrusted but signed. The second one allows your application to receive a callback when an error occurs during the authentication process. If you choose not to implement these intent filters, the SDK will still handle the presentation flow and user authentication with the operating system in the background without any involvement from your app.

  1. Handle the incoming intents in the corresponding activity onCreate method:
Handling verifier confirmation and errors
val verifierAuthenticationResult: VerifierAuthenticationResult? = when (intent.action) {
    "global.mattr.credentialmanager.action.CONFIRMATION" -> {
        IntentCompat.getParcelableExtra(
            intent,
            "global.mattr.credentialmanager.extra.verifier_authentication_result",
            VerifierAuthenticationResult::class.java
        )
    }

    "global.mattr.credentialmanager.action.ERROR" -> null

    else -> {
        finish()
        return
    }
}

This code example retrieves the verifier authentication result from the incoming intent when the action is global.mattr.credentialmanager.action.CONFIRMATION. If the action is global.mattr.credentialmanager.action.ERROR, it sets the result to null, indicating that an error occurred during the authentication process.

  1. Handle the result of the Verifier authentication based on your requirements. For example:
Handling the verifier authentication result
when (verifierAuthenticationResult) {
    is VerifierAuthenticationResult.Trusted -> {
        // If this reader is trusted, just return success
        setResult(RESULT_OK)
        finish()
        return
    }

    is VerifierAuthenticationResult.Untrusted, is VerifierAuthenticationResult.Unsigned -> {
        // Require user confirmation and set the activity result based on the 
        // user's decision in the confirmation screen.
    }

    null -> {
        // An error occurred during the authentication process. Show an error message.
        // ...
        setResult(RESULT_CANCELED)
        finish()
        return
    }
}

In this example, if the verifier is trusted, the application simply returns a successful result. If the verifier is untrusted or unsigned, the application can prompt the user for confirmation and set the activity result based on the user's decision.

Test the application

Let's test that the application is working as expected in both workflows.

Same-device workflow

  1. Use a browser on your testing mobile device to navigate to the MATTR Labs remote presentation testing tool.
  2. Select Digital Credentials API from the Select Experience list.
  3. Select Request credentials.
  4. Confirm interacting with the verifier on your mobile device when prompted by the operating system (this might look different based on the device and operating system version).
  5. Select the credential you wish to send to the verifier from the list of credentials suggested by the operating system.
  6. Send the response.
  7. The UI prompt will close, and you should see a successful verification indication in the browser where you initiated the request.

Cross-device workflow

  1. Use a desktop browser to navigate to the MATTR Labs remote presentation testing tool.
  2. Select Digital Credentials API from the Select Experience list.
  3. Select Request credentials.
  4. Open the camera on your testing device and scan the QR code.
  5. Confirm interacting with the verifier on your mobile device when prompted by the operating system (this might look different based on the device and operating system version).
  6. Select the credential you wish to send to the verifier from the list of available credentials suggested by the operating system.
  7. Send the response.
  8. The UI prompt will close.
  9. Back on your desktop browser, you should see a successful verification indication.

Summary

You have just used the Android Holder SDK to build an Android application that can present a claimed mDoc to a verifier remotely via the DC API, as per Annex D of ISO/IEC 18013-7:2025.

This was achieved by making the following adjustments to your application:

  1. Initialize the SDK with support for the DC API enabled.
  2. Optionally, handle the verifier's authentication result.

What's next?

How would you rate this page?

Last updated on

Guide (iOS)

Previous Page

On this page

Overview
Prerequisites
Application base
Testing Devices
How it works
Adjusting your mobile application to support remote presentations via the DC API
Initialize the SDK with support for the DC API enabled
Handle verifier authentication results (optional)
Test the application
Same-device workflow
Cross-device workflow
Summary
What's next?