CertificatesAPI Reference
Verification request signers
Create a Verification request signer
Create a Verification request signer
Creates a Verification request signer.
- Only available in implementations using unmanaged (external) Verifier root CA certificates.
- A maximum of five Verification request signers can be created per tenant.
Analytic events
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_CREATE_START
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_CREATE_SUCCESS
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_CREATE_FAIL
POST
/v2/presentations/certificates/verifier-signersAuthorizationBearer <token>
In: header
caIdstring
Internal identifier of the Verifier root CA certificate that will be used for signing the Verification request signer.
- Must be an unmanaged (external) Verifier root CA certificate.
Format
uuidcaType?string
Indicates the source of the verifier root CA certificate. Set to external if the verifier root CA certificate is managed outside of MATTR (e.g., using your own PKI).
Value in
"external"caTypestring
Indicates the source of the verifier root CA certificate. Set to apple if the verifier root CA certificate is issued and managed by Apple Business Connect.
Apple Business connect support is currently offered as a tech preview. As such, functionality may be limited, may not work in all scenarios, and could change or break without prior notice.
Value in
"apple"curl -X POST "https://example.vii.au01.mattr.global/v2/presentations/certificates/verifier-signers" \ -H "Content-Type: application/json" \ -d '{ "caId": "b0aae560-10e7-4247-8e96-7cdd3578a1e2" }'{
"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"csrPem": "-----BEGIN CERTIFICATE REQUEST-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE REQUEST-----",
"caId": "b0aae560-10e7-4247-8e96-7cdd3578a1e2",
"active": false,
"caType": "mattr"
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}Retrieve all Verification request signers
Retrieve all Verification request signers
Retrieves all Verification request signers.
Analytic events
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_LIST_START
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_LIST_SUCCESS
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_LIST_FAIL
GET
/v2/presentations/certificates/verifier-signersAuthorizationBearer <token>
In: header
Query Parameters
limit?number
Range size of returned list.
Default
100Range
1 <= value <= 1000cursor?string
Starting point for the list of entries.
curl -X GET "https://example.vii.au01.mattr.global/v2/presentations/certificates/verifier-signers?limit=2&cursor=Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1h"{
"data": [
{
"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"caType": "mattr",
"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {
"commonName": "example.com",
"country": "US",
"notAfter": "2024-10-22T00:00:00Z",
"notBefore": "2023-10-22T00:00:00Z",
"subjectAlternativeNames": [
{
"type": 0,
"value": "string"
}
]
}
}
],
"nextCursor": "Y3JlYXRlZEF0PTIwMjAtMDgtMjVUMDY6NDY6MDkuNTEwWiZpZD1hNjZmZmVhNS04NDhlLTQzOWQtODBhNC1kZGE1NWY1M2UzNmM"
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}Retrieve a Verification request signer
Retrieve a Verification request signer
Retrieves a Verification request signer.
Analytic events
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_START
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_SUCCESS
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_RETRIEVE_FAIL
GET
/v2/presentations/certificates/verifier-signers/{verifierSignerId}AuthorizationBearer <token>
In: header
Path Parameters
verifierSignerIdstring
Unique identifier of the Verification request signer.
Format
uuidcurl -X GET "https://example.vii.au01.mattr.global/v2/presentations/certificates/verifier-signers/b0aae560-10e7-4247-8e96-7cdd3578a1e2"{
"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"caType": "mattr",
"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {
"commonName": "example.com",
"country": "US",
"notAfter": "2024-10-22T00:00:00Z",
"notBefore": "2023-10-22T00:00:00Z",
"subjectAlternativeNames": [
{
"type": 0,
"value": "string"
}
]
}
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}Update a Verification request signer
Update a Verification request signer
Updates a Verification request signer by:
- Providing a Verification Request Signer Certificate (VRSC) in PEM format that matches its Certificate Signing Request (CSR).
- Activating or deactivating the VRSC signer. Only VRSC signers with a valid PEM certificate can be activated.
- The
certificatePemfield becomes immutable after it's updated for the first time.
Only available in implementations using unmanaged (external) Verifier root CA certificates.
Analytic events
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_UPDATE_START
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_UPDATE_SUCCESS
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_UPDATE_FAIL
PUT
/v2/presentations/certificates/verifier-signers/{verifierSignerId}AuthorizationBearer <token>
In: header
Path Parameters
verifierSignerIdstring
Unique identifier of the Verification request signer.
Format
uuidactiveboolean
Indicates if the Verification request signer is active. Only active Verification request signers can be used for signing verification requests.
certificatePem?string
Verification Request Signer Certificate (VRSC) in PEM format. If caType is apple, then this certificate must be issued by Apple Business Connect.
curl -X PUT "https://example.vii.au01.mattr.global/v2/presentations/certificates/verifier-signers/b0aae560-10e7-4247-8e96-7cdd3578a1e2" \ -H "Content-Type: application/json" \ -d '{ "active": true }'{
"id": "782f1885-c7c2-4459-8426-b6d7c111b0b1",
"caType": "mattr",
"active": true,
"certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {
"commonName": "example.com",
"country": "US",
"notAfter": "2024-10-22T00:00:00Z",
"notBefore": "2023-10-22T00:00:00Z",
"subjectAlternativeNames": [
{
"type": 0,
"value": "string"
}
]
}
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}Delete a Verification request signer
Delete a Verification request signer
Deletes a Verification request signer.
Only available in implementations using unmanaged (external) Verifier root CA certificates.
Analytic events
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_DELETE_START
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_DELETE_SUCCESS
- CREDENTIAL_PRESENTATION_VERIFIER_SIGNER_CERTIFICATE_DELETE_FAIL
DELETE
/v2/presentations/certificates/verifier-signers/{verifierSignerId}AuthorizationBearer <token>
In: header
Path Parameters
verifierSignerIdstring
Unique identifier of the Verification request signer.
Format
uuidcurl -X DELETE "https://example.vii.au01.mattr.global/v2/presentations/certificates/verifier-signers/b0aae560-10e7-4247-8e96-7cdd3578a1e2"Empty
{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}How would you rate this page?