Verifier root CA certificates

Create a Verifier root CA certificate

POST/v2/presentations/certificates/ca

Authorization

bearerAuth

AuthorizationBearer <token>

In: header

Request Body

application/json

Verifier root CA certificate payload

TypeScript Definitions

Use the request body type in TypeScript.

commonName?string

Used to define the common name of the created verifier root CA certificate. Used to establish trust with the verifier by wallets that implement certificate-based trust.

When provided, the value must be a valid PrintableString and cannot be an empty string.
If not provided and a custom domain is configured and verified, the custom domain is used followed by the word Verifier.
If no custom domain is configured, the tenant subdomain is used instead.

Default"{tenantDomain} Verifier"

country?string

Indicates the verifier's country. If not provided, a country is selected based on the region of the tenant subdomain cloud host. When specified, the value must be a valid Alpha 2 country code as per ISO 3166-1.

notBefore?string

Used to set the date and time when the Verifier root CA certificate becomes valid and can be used to sign other intermediate certificates.

Must not be in the past.
Must be before notAfter.

Formatdate-time

notAfter?string

Used to set the date and time when the Verifier root CA certificate expires.

If not provided, calculated as notBefore + 20 years.
If not provided and notBefore is not provided, calculated as time of creation + 20 years.
Maximum value is 20 years from creation.
Must be after notBefore, if provided.

Formatdate-time

certificatePem*string

Verifier root CA certificate in PEM format. The certificate must be valid and not expired.

Response Body

`application/json`

curl -X POST "https://example.vii.au01.mattr.global/v2/presentations/certificates/ca" \  -H "Content-Type: application/json" \  -d '{}'

{
  "id": "string",
  "certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
  "certificateFingerprint": "a3b2c1d4e5f60718293a4b5c6d7e8f90123456789abcdef0123456789abcdef0",
  "certificateData": {
    "commonName": "Example Verifier",
    "country": "US",
    "notAfter": "2024-10-22T00:00:00Z",
    "notBefore": "2023-10-22T00:00:00Z"
  },
  "active": true,
  "isManaged": true
}

{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}

{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}

Retrieve all Verifier root CA certificates

GET/v2/presentations/certificates/ca

Authorization

bearerAuth

AuthorizationBearer <token>

In: header

Response Body

`application/json`

curl -X GET "https://example.vii.au01.mattr.global/v2/presentations/certificates/ca"

{
  "data": [
    {
      "id": "string",
      "certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
      "certificateFingerprint": "a3b2c1d4e5f60718293a4b5c6d7e8f90123456789abcdef0123456789abcdef0",
      "certificateData": {
        "commonName": "Example Verifier",
        "country": "US",
        "notAfter": "2024-10-22T00:00:00Z",
        "notBefore": "2023-10-22T00:00:00Z"
      },
      "active": true,
      "isManaged": true
    }
  ],
  "nextCursor": "string"
}

Retrieve a Verifier root CA certificate

GET/v2/presentations/certificates/ca/{certificateId}

Authorization

bearerAuth

AuthorizationBearer <token>

In: header

Path Parameters

certificateId*string

Unique identifier for the verifier root CA certificate.

Formatuuid

Response Body

`application/json`

curl -X GET "https://example.vii.au01.mattr.global/v2/presentations/certificates/ca/281d20b3-42a3-40dd-b29a-115ff32b02b7"

{
  "id": "string",
  "certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
  "certificateFingerprint": "a3b2c1d4e5f60718293a4b5c6d7e8f90123456789abcdef0123456789abcdef0",
  "certificateData": {
    "commonName": "Example Verifier",
    "country": "US",
    "notAfter": "2024-10-22T00:00:00Z",
    "notBefore": "2023-10-22T00:00:00Z"
  },
  "active": true,
  "isManaged": true
}

{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}

Update a Verifier root CA certificate

PUT/v2/presentations/certificates/ca/{certificateId}

Authorization

bearerAuth

AuthorizationBearer <token>

In: header

Path Parameters

certificateId*string

Unique identifier for the verifier root CA certificate.

Formatuuid

Request Body

application/json

Verifier root CA certificate payload

TypeScript Definitions

Use the request body type in TypeScript.

active*boolean

Indicates if the Verifier root CA certificate is active. Only active certificates can be used to sign other intermediate certificates.

Defaulttrue

Response Body

`application/json`

curl -X PUT "https://example.vii.au01.mattr.global/v2/presentations/certificates/ca/281d20b3-42a3-40dd-b29a-115ff32b02b7" \  -H "Content-Type: application/json" \  -d '{    "active": true  }'

{
  "id": "string",
  "certificatePem": "-----BEGIN CERTIFICATE-----\nMIIDXTCCAkWgAwIBAgIJAL5...\n-----END CERTIFICATE-----",
  "certificateFingerprint": "a3b2c1d4e5f60718293a4b5c6d7e8f90123456789abcdef0123456789abcdef0",
  "certificateData": {
    "commonName": "Example Verifier",
    "country": "US",
    "notAfter": "2024-10-22T00:00:00Z",
    "notBefore": "2023-10-22T00:00:00Z"
  },
  "active": true,
  "isManaged": true
}

{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}

{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}

Delete a Verifier root CA certificate

DELETE/v2/presentations/certificates/ca/{certificateId}

Authorization

bearerAuth

AuthorizationBearer <token>

In: header

Path Parameters

certificateId*string

Unique identifier for the verifier root CA certificate.

Formatuuid

Response Body

`application/json`

curl -X DELETE "https://example.vii.au01.mattr.global/v2/presentations/certificates/ca/281d20b3-42a3-40dd-b29a-115ff32b02b7"

Empty

{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}

Verifier root CA certificates

200application/json

400application/json

409application/json

200application/json

200application/json

404application/json

200application/json

400application/json

404application/json

204

404application/json

On this page

`application/json`

`application/json`

`application/json`

`application/json`

`application/json`

`application/json`

`application/json`

`application/json`

`application/json`

`application/json`