Remote mobile verification quickstart guide
This guide provides a quick overview of how to use the MATTR Pi mDocs Mobile Verifier SDKs to verify an mDoc presented from another application on the same device via a remote presentation workflow as per OID4VP and ISO 18013-7 Annex B.
Use these guides as a quick reference to get started. For detailed information, explore the tutorial and reference documentation tailored for each platform.
Setup the MATTR VII Verifier tenant
Before embedding the Verifier SDK in your mobile application, you must configure your MATTR VII tenant to handle verification requests.
Create a verifier application configuration
- Log into the MATTR Portal.
- Navigate to Credential Verification > Applications.
- Select Create new.
- Enter a meaningful name for your application.
- Select the application type (e.g.,
iOSorAndroid). - Enter your Team ID (iOS) or Package Name (Android).
- Enter your application Bundle ID (iOS) or SHA-256 fingerprint (Android).
- In the OpenID4VP Configuration section, enter your Redirect URI (e.g.,
{your_app_bundleId}://my/path). - Select Create.
Make the following request to your MATTR VII tenant to create a verifier application configuration:
POST /v2/presentations/applications{
"name": "My Android Mobile Verifier Application",
"type": "android",
"packageName": "com.example.mobileverifiertutorial",
"openid4vpConfiguration": {
"redirectUri": "com.example.mobileverifiertutorial://oid4vp-callback"
},
"packageSigningCertificateThumbprints" : ["3A9F6C1D4E8B72F0A5C3D6E19B4F8A2C7D1E0B9F3A6C5D4E7B8F2A1C9D0E3F5B"]
}name: You can use whatever name you'd like, as long as it is unique on your tenant.packageName: Must match your application package name.openid4vpConfiguration:redirectUri: Must resolve to a path your app can handle.
packageSigningCertificateThumbprints: An array of SHA-256 thumbprints of the app signing certificates you will use to sign your application.
Response
{
"id": "0eaa8074-8cc4-41ec-9e42-072d36e2acb0",
"name": "My Android Mobile Verifier Application"
//... rest of application configuration
}id: This value is used to initialize the SDK so that requests coming from your verifier application can be recognized and trusted by the MATTR VII tenant.
Configure a trusted issuer
- Expand the Credential Verification section in the left-hand navigation panel.
- Select Trusted issuers.
- Select the Create new button.
- Use the Certificate PEM file to upload the public key certificate of the issuer you want to trust.
- Select the Add button to add the new trusted issuer.
Embed the Verifier SDK in your mobile application
Initialize the SDK
let platformConfiguration = PlatformConfiguration(
tenantHost: URL(string: "https://your-tenant.vii.mattr.global")!
)mobileCredentialVerifier = MobileCredentialVerifier.shared
try mobileCredentialVerifier.initialize(platformConfiguration: platformConfiguration)tenantHost: URL of your MATTR VII tenant.
val platformConfiguration = PlatformConfiguration(
tenantHost = URL("https://your-tenant.vii.mattr.global")
)MobileCredentialVerifier.initialize(context, platformConfiguration)tenantHost: URL of your MATTR VII tenant.
Coming soon...
Create a presentation request
let mobileCredentialRequest = MobileCredentialRequest(
docType: "org.iso.18013.5.1.mDL",
namespaces: [
"org.iso.18013.5.1": [
"family_name": false,
"given_name": false,
"birth_date": false
]
]
)docType: The type of credential being requested (e.g.,org.iso.18013.5.1.mDL).namespaces: A dictionary mapping each namespace to its requested attributes. Each attribute is a key with a Boolean indicating whether the verifier intends to retain this attribute (true) or not (false).
val mobileCredentialRequest = MobileCredentialRequest(
docType = "org.iso.18013.5.1.mDL", namespaces = NameSpaces(
mapOf(
"org.iso.18013.5.1" to DataElements(
mapOf(
"family_name" to false, "given_name" to false, "birth_date" to false
)
)
)
)
)docType: The type of credential being requested (e.g.,org.iso.18013.5.1.mDL).namespaces: A map of each namespace to its requested attributes. Each attribute is a key with a Boolean indicating whether the verifier intends to retain this attribute (true) or not (false).
Coming soon...
Request credentials from wallet application
let onlinePresentationResult = try await mobileCredentialVerifier.requestMobileCredentials(
request: [mobileCredentialRequest],
challenge: UUID().uuidString,
applicationId: "your-application-id"
)request: Array ofMobileCredentialRequestobjects defining what information to request.challenge: Unique challenge to identify this presentation session and prevent replay attacks. Generate a new challenge for every request.applicationId: Theidreturned when you created the verifier application configuration.
This method starts a presentation session with the MATTR VII tenant and redirects the user to a matching wallet application.
val onlinePresentationResult = mobileCredentialVerifier.requestMobileCredentials(
activity = activity,
request = listOf(mobileCredentialRequest),
applicationId = "your-application-id"
)activity: Defines the current activity context.request: List ofMobileCredentialRequestobjects defining what information to request.applicationId: Theidreturned when you created the verifier application configuration.
This method starts a presentation session with the MATTR VII tenant and redirects the user to a matching wallet application.
Coming soon...
Register a custom URL scheme
To handle redirects back to your application after credential presentation, register a custom URL scheme.
- Open your project in Xcode and select your application target.
- Select the Info tab.
- Expand the URL Types section.
- Select the plus button.
- Enter your bundle identifier in both the Identifier and URL Schemes fields.
This must match the redirectUri configured in your verifier application configuration.
To handle redirects back to your application after credential presentation, configure an intent filter in your AndroidManifest.xml:
<intent-filter>
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data
android:scheme="your-package-name"
android:host="oid4vp-callback" />
</intent-filter>This must match the redirectUri configured in your verifier application configuration.
Coming soon...
Handle the redirect from the wallet
.onOpenURL { url in
mobileCredentialVerifier.handleDeepLink(url)
}Add this modifier to your SwiftUI view to handle the redirect from the wallet application. The SDK processes the response and updates your application with the verification results.
The SDK processes the response with the verification results.
Coming soon...
Handle the presentation response
The
requestMobileCredentials
method returns an
OnlinePresentationSessionResult
object. This response contains the presentation details provided by the holder, including any errors
encountered and the verification status of the credentials:
public struct OnlinePresentationSessionResult {
public let mobileCredentialResponse: MobileCredentialResponse?
public let error: OnlinePresentationResultError?
public let challenge: String?
public let sessionId: String
}guard let receivedCredentials = onlinePresentationSessionResult.mobileCredentialResponse?.credentials else {
let errorMessage = onlinePresentationSessionResult.error?.message ?? "No error message"
print("No response received: \(errorMessage)")
return
}
// Process the received credentials
for credential in receivedCredentials {
print("DocType: \(credential.docType)")
print("Verified: \(credential.verificationResult.verified)")
if let claims = credential.claims {
for (namespace, elements) in claims {
for (elementId, value) in elements {
print("\(namespace).\(elementId): \(value)")
}
}
}
}mobileCredentialResponse: Contains the verified credentials and their claims.error: Any error that occurred during the verification process.credentials: A list of presented credentials with their data, status, and verification results.
The
requestMobileCredentials
method returns an
OnlinePresentationSessionResult)
object. This response contains the presentation details provided by the holder, including any errors
encountered and the verification status of the credentials:
data class OnlinePresentationSessionResult(
val sessionId: String,
val challenge: String? = null,
val mobileCredentialResponse: MobileCredentialResponse? = null,
val error: OnlinePresentationResultError? = null
)val receivedCredentials = onlinePresentationResult.mobileCredentialResponse?.credentials
if (receivedCredentials == null) {
val errorMessage = onlinePresentationResult.error?.message ?: "No error message"
println("No response received: $errorMessage")
return
}
// Process the received credentials
for (credential in receivedCredentials) {
println("DocType: ${credential.docType}")
println("Verified: ${credential.verificationResult.verified}")
credential.claims?.forEach { (namespace, elements) ->
elements.forEach { (elementId, value) ->
println("$namespace.$elementId: ${value.value}")
}
}
}mobileCredentialResponse: Contains the verified credentials and their claims.error: Any error that occurred during the verification process.credentials: A list of presented credentials with their data, status, and verification results.
Coming soon...
Next steps
- Explore the detailed tutorial for step-by-step implementation guidance.
- Review the SDK reference documentation for your platform:
- Learn more about the remote verification workflow.
How would you rate this page?