API Reference
Create Credential Offer
/v1/openid/offersAuthorization
bearerAuthOpenIdCredentials In: header
Request Body
application/json
This array includes a list of identifiers for credential configurations that will be included in the credential offer. These identifiers are the id elements returned in the response when you create a credential configuration. To issue multiple credential formats of the same credential in a single flow, include all the required credential configuration id elements in the request payload.
Specifies a list of additional request parameters that the wallet can include in the authentication request.
Response Body
application/json
curl -X POST "https://example.vii.au01.mattr.global/v1/openid/offers" \ -H "Content-Type: application/json" \ -d '{ "credentials": [ "707e920a-f342-443b-ae24-6946b7b5033e" ] }'{
"uri": "openid-credential-offer://?credential_offer=%7B%22credential_issuer%22%3A%22https%3A%2F%2Fmyissuer.example.com%22%2C%22credentials%22%3A%5B%22707e920a-f342-443b-ae24-6946b7b5033e%22%5D%2C%22request_parameters%22%3A%7B%22login_hint%22%3A%22user%40example.com%22%2C%22prompt%22%3A%22login%22%7D%7D"
}Request authorization for access to resources
/v1/oauth/authorizeQuery Parameters
The response type, which must be 'code'.
"code"The client identifier.
The URI to which the authorization server will redirect the user-agent with the authorization code.
The scope of the access request.
An opaque value used by the client to maintain state between the request and callback.
The method used to derive the code_challenge, which must be 'S256'.
"S256"A high entropy random challenge generated by the client.
Response Body
application/json
text/plain
curl -X GET "https://example.vii.au01.mattr.global/v1/oauth/authorize?response_type=code&client_id=string&redirect_uri=string&scope=string&code_challenge_method=S256&code_challenge=string"{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}"Unauthorized"Exchange authorization code for access token
/v1/oauth/tokenRequest Body
application/x-www-form-urlencoded
The client identifier.
The grant type, which must be 'authorization_code'.
"authorization_code"The redirect URI that was used in the authorization request.
The authorization code obtained from the authorization endpoint.
SHA256 hash of the code_challenge in the authorization request.
Response Body
application/json
application/json
text/plain
curl -X POST "https://example.vii.au01.mattr.global/v1/oauth/token" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d 'client_id=string&grant_type=authorization_code&redirect_uri=string&code=string&code_verifier=string'{
"access_token": "KrrFP8GUeddJJtj7EF-4ugdvCl-dDdWwOqvAbvYsmfy",
"token_type": "Bearer",
"expires_in": 900,
"scope": "mso_mdoc:org.iso.18013.5.1.mDL"
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}"Unauthorized"Issue a verifiable credential
/v1/openid/credentialIn: header
Request Body
application/json
Credential format, always ldp_vc for JSON credentials.
"ldp_vc"JSON object containing proof of possession of the key material the issued Credential shall be bound to.
Response Body
application/json
curl -X POST "https://example.vii.au01.mattr.global/v1/openid/credential" \ -H "Content-Type: application/json" \ -d '{ "format": "ldp_vc", "credential_definition": { "type": [ "VerifiableCredential", "AlumniCredential" ], "@context": [ "https://www.w3.org/2018/credentials/v1" ] }, "proof": { "proof_type": "jwt", "jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9..." } }'{
"credential": {
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://www.w3.org/2018/credentials/examples/v1"
],
"type": [
"VerifiableCredential",
"AlumniCredential"
],
"issuer": {
"id": "did:web:organization.com",
"name": "Example University",
"logoUrl": "https://example.edu/img/logo.png",
"iconUrl": "https://example.edu/img/icon.png"
},
"credentialBranding": {
"backgroundColor": "#B00AA0",
"watermarkImageUrl": "https://example.edu/img/watermark.png"
},
"issuanceDate": "2020-05-02T12:06:29.156Z",
"credentialStatus": {
"id": "https://tenant.vii.mattr.global/v1/revocation-lists/cc641396-3750-43c8-b8b8-f30d74eb3fb3#1",
"type": "RevocationList2020Status",
"revocationListIndex": 1,
"revocationListCredential": "https://tenant.vii.mattr.global/v1/revocation-lists/cc641396-3750-43c8-b8b8-f30d74eb3fb3"
},
"credentialSubject": {
"givenName": "Jamie",
"familyName": "Doe",
"alumniOf": "Example University"
},
"proof": {
"type": "Ed25519Signature2018",
"created": "2020-05-02T12:06:29Z",
"jws": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
"proofPurpose": "assertionMethod",
"verificationMethod": "did:web:organization.com"
},
"name": "Alumni Credential",
"description": "This credential shows that the person has attended the mentioned university."
},
"format": "ldp_vc"
}Retrieve issuer metadata
fetch("https://example.vii.au01.mattr.global/.well-known/openid-credential-issuer", { method: "GET"}){
"issuer": "http://example.com",
"authorization_endpoint": "http://example.com",
"jwks_uri": "http://example.com",
"token_endpoint": "http://example.com",
"scopes_supported": [
"ldp_vc:ExampleCredential"
],
"response_types_supported": [
"code"
],
"response_modes_supported": [
"query"
],
"grant_types_supported": [
"authorization_code"
],
"code_challenge_methods_supported": [
"S256"
],
"credential_issuer": "http://example.com",
"credential_endpoint": "http://example.com",
"credentials_supported": [
{
"format": "string",
"id": "string",
"scope": "string",
"@context": [
"string"
],
"type": [
"string"
],
"credentialSubject": {},
"cryptographic_binding_methods_supported": "string",
"cryptographic_suites_supported": "string"
}
],
"mdoc_iacas_uri": "http://example.com"
}How would you rate this page?