light-mode-image
Learn
Web

Web verification quickstart guide

This quickstart is for evaluating the MATTR Pi Verifier Web SDK. In about 15-20 minutes you will configure a MATTR VII verifier tenant, run a sample web verifier application, and verify an mDoc presented remotely from the MATTR GO Hold example wallet using the remote presentation workflow defined by OID4VP and ISO/IEC 18013-7:2025.

Estimated time: 15-20 minutes.

Use this guide as a fast evaluation path to see the Verifier Web SDK working end-to-end. For more detailed instructions and API examples, see the tutorial and reference documentation.

Using the Verifier Web SDK to verify an mDoc presented remotely to a web application:

User experience

In this quickstart you will perform both of these flows yourself using a MATTR VII verifier tenant, the Verifier Web SDK sample application, and the MATTR GO Hold example app:

Tutorial Workflow

  1. The user interacts with your web application on their mobile device browser.
  2. The user is asked to present information as part of the interaction.
  3. The user is redirected to their wallet application.
  4. The user is informed of what information they are about to share and provide their consent.
  5. The wallet application authenticates the user and shares the information with the verifier.
  6. The user is redirected back to the web application where verification results are displayed, enabling them to continue with the interaction.

Tutorial Workflow

  1. The user interacts with your web application on their desktop browser.
  2. The user is asked to present information as part of the interaction.
  3. The user scans a QR code using a mobile device with an installed wallet application.
  4. The wallet application is launched on the mobile device.
  5. The user is informed of what information they are about to share and provide their consent.
  6. The wallet application authenticates the user and shares the information with the verifier.
  7. Verification results are displayed in the user's desktop browser, enabling them to continue with the interaction.

Prerequisites

  • MATTR VII tenant access via the MATTR Portal. Apply for access here.
  • Install the MATTR GO Hold example app for iOS or Android.
  • Sign up for a free ngrok.com account and make note of your ngrok authentication token. We will be using ngrok to expose your local web application to the internet.

Part 1: Configure the MATTR VII verifier tenant (5 minutes)

These steps configure your verifier tenant so the sample web verifier application can request and verify mDocs issued by a trusted issuer.

Configure a Verifier application on MATTR VII

This creates the web verifier application that the Verifier Web SDK will use when interacting with the MATTR VII tenant to request and receive credential presentations.

  1. Log into the MATTR Portal.
  2. Switch to your tenant if you have access to multiple tenants, or create a new tenant if needed.
  3. Expand the Credential Verification section in the left-hand navigation panel.
  4. Select Applications.
  5. Select the Create new button.
  6. Use the Name text box to insert a name for your application (e.g. My Web Verifier).
  7. Use the Type radio button to select Web.
  8. Use the Allowed domains text box to insert a placeholder domain name (e.g. place-holder.com).
    You will update this placeholder value later.
  9. Use the Redirect URIs text box to insert a placeholder redirect URI (e.g. https://place-holder.com/redirect).
    You will update this placeholder value later.
  10. Select the Create button to create the new application and display the Application detail screen.
  11. Copy and record the ID value. You will use it in the next step.

Configure a trusted issuer

In this quickstart you will add a MATTR-provided demo issuer certificate so your verifier accepts mDocs issued by this issuer.

  1. Select Trusted issuers under the Credential Verification section.
  2. Select the Create new button.
  3. Copy and paste the following certificate into the dialogue box.
-----BEGIN CERTIFICATE-----
MIICYzCCAgmgAwIBAgIKXhjLoCkLWBxREDAKBggqhkjOPQQDAjA4MQswCQYDVQQG
EwJBVTEpMCcGA1UEAwwgbW9udGNsaWZmLWRtdi5tYXR0cmxhYnMuY29tIElBQ0Ew
HhcNMjQwMTE4MjMxNDE4WhcNMzQwMTE1MjMxNDE4WjA4MQswCQYDVQQGEwJBVTEp
MCcGA1UEAwwgbW9udGNsaWZmLWRtdi5tYXR0cmxhYnMuY29tIElBQ0EwWTATBgcq
hkjOPQIBBggqhkjOPQMBBwNCAASBnqobOh8baMW7mpSZaQMawj6wgM5e5nPd6HXp
dB8eUVPlCMKribQ7XiiLU96rib/yQLH2k1CUeZmEjxoEi42xo4H6MIH3MBIGA1Ud
EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRFZwEOI9yq
232NG+OzNQzFKa/LxDAuBgNVHRIEJzAlhiNodHRwczovL21vbnRjbGlmZi1kbXYu
bWF0dHJsYWJzLmNvbTCBgQYDVR0fBHoweDB2oHSgcoZwaHR0cHM6Ly9tb250Y2xp
ZmYtZG12LnZpaS5hdTAxLm1hdHRyLmdsb2JhbC92Mi9jcmVkZW50aWFscy9tb2Jp
bGUvaWFjYXMvMjk0YmExYmMtOTFhMS00MjJmLThhMTctY2IwODU0NWY0ODYwL2Ny
bDAKBggqhkjOPQQDAgNIADBFAiAlZYQP95lGzVJfCykhcpCzpQ2LWE/AbjTGkcGI
SNsu7gIhAJfP54a2hXz4YiQN4qJERlORjyL1Ru9M0/dtQppohFm6
-----END CERTIFICATE-----
  1. Click the Add button.

Part 2: Run the Sample Web Verifier Application (5-10 minutes)

In this section you will clone, configure, and run a sample web verifier application that uses the Verifier Web SDK.

Clone the sample application repository

Clone the Sample Apps repository
git clone https://github.com/mattrglobal/sample-apps.git

Configure the sample application

Configure the sample web verifier with details required to communicate with your MATTR VII tenant and verifier application.

  1. Navigate to the sample web verifier application directory:
Navigate to the sample web verifier application directory
cd sample-apps/verifier-web-tutorial
  1. Rename the env-template file to .env:
Rename the env-template file
mv env-template .env
  1. Open the .env file in your code editor and only update the following values:
  • NEXT_PUBLIC_TENANT_URL: Your MATTR VII tenant URL, available in the MATTR Portal under Platform Management > Tenant.
  • NEXT_PUBLIC_APPLICATION_ID: Unique identifier of the Verifier application you created in the previous step.
  • NGROK_AUTHTOKEN: Your ngrok authentication token.

This is how the values in the updated .env file should look like:

NEXT_PUBLIC_TENANT_URL="https://learn.vii.au01.mattr.global"
NEXT_PUBLIC_APPLICATION_ID="84a9c4e0-e597-4183-b231-3d0d699104a6"
NGROK_AUTHTOKEN="2bKVt************************************"

Start the application

  1. Start the application:
Start the application
npm install
npm run dev
  1. Open your terminal and copy the public URL provided by ngrok (e.g. https://abc-123-xyz.ngrok-free.app).

You should now see the sample web verifier application running and reachable at your ngrok public URL.

Update the Verifier application configuration

Now point your verifier application configuration at the public URL of the sample web verifier application so the Verifier Web SDK can complete the remote presentation flow.

  1. Go back to the MATTR Portal.
  2. Expand the Credential Verification section in the left-hand navigation panel.
  3. Select Applications.
  4. Select the Verifier application you created in the first step.
  5. Select the Edit button.
  6. Replace the placeholder domain in the Allowed domains text box with the ngrok domain from the previous step. Make sure to remove the https:// prefix (e.g. abc-123-xyz.ngrok-free.app).
  7. Replace the placeholder redirect URI in the Redirect URIs text box with a URI on the same ngrok domain. Make sure to include the https:// prefix (e.g. https://abc-123-xyz.ngrok-free.app).
  8. Select the Update button.

Part 3: Test the application (5 minutes)

Claim a credential to present

In order to test the verification flow, you need to have a compatible mDoc in your wallet to present. You can use the MATTR GO Hold example app to claim a demo mDL credential issued by the MATTR demo issuer you added as a trusted issuer in the tenant configuration steps.

  1. Open the MATTR GO Hold example app and tap the Blue Share button.
  2. Select Respond or Collect (You may need to allow the app to access your camera).
  3. Scan the following QR code:

QR Code

  1. Follow the on-screen instructions to claim the credential into your MATTR GO Hold example app.

This credential will be used in the next step when you test the remote verification flow in the sample web verifier application.

Test the remote verification flow

Next, use the GO Hold app and the sample web verifier to complete both same-device and cross-device remote verification flows.

  1. Open the ngrok public URL in a browser on a mobile device where the MATTR GO Hold example app is installed.
  2. Select the Request Credential button.
  3. Select Allow to open the MATTR GO Hold example app.
  4. The app should launch and display what information is requested for verification.
  5. Select Start.
  6. Select Confirm to share the credential.
  7. The web application should display the verification results.
  1. In a desktop browser, open the ngrok public URL (Do not use localhost as the cross-device flow requires a publicly accessible URL).
  2. Select the Request Credential button. A QR code will be displayed.
  3. Open the MATTR GO Hold example app and tap the Blue Share button.
  4. Select Respond or Collect (You may need to allow the app to access your camera).
  5. Scan the QR code.
  6. The app will display what information is requested for verification.
  7. Select Start.
  8. Select Confirm.
  9. Back on your desktop browser, the web application should display the verification results.

Understand the codebase

The sample web verifier application uses the Verifier Web SDK to implement the OID4VP flow and verify mDocs presented remotely from a wallet. Once you have the sample running, use this section to inspect the key SDK calls you will reuse in your own application.

The main steps are:

Initialize the SDK

In the sample application, this runs during startup so the Verifier Web SDK knows which tenant and verifier application to use:

Initialize the SDK
MATTRVerifierSDK.initialize({
  apiBaseUrl: "<YOUR_TENANT_URL>",
  applicationId: "<APPLICATION_ID>",
});
  • apiBaseUrl: The base URL of the MATTR tenant used to handle mDocs verification.
  • applicationId: The ID of a verifier application in the referenced MATTR tenant.

Create a credential query

Defining a credential query object specifies the type of credential and the attributes you want to request from the user for verification. For example, the following query requests an mDL with specific attributes:

Create a credential request
const credentialQuery = {
  profile:
    "MATTRVerifierSDK.OpenidPresentationCredentialProfileSupported.MOBILE",
  docType: "org.iso.18013.5.1.mDL",
  nameSpaces: {
    "org.iso.18013.5.1": {
      age_over_18: {},
      given_name: {},
      family_name: {},
      portrait: {},
    },
  },
};
  • profile : The profile to use for the credential query.
  • docType: The type of the mDoc to query.
  • nameSpaces: The namespaces and attributes to request from the mDoc.

Define credential request options

Defining the credential request options specifies the details of how you want to handle the OID4VP flow, including the credential query, challenge and OID4VP configuration:

Define credential request options
const options = {
  credentialQuery: [credentialQuery],
  challenge: generateChallenge(),
  openid4vpConfiguration: {
    redirectUri: "<YOUR_APP_REDIRECT_URI>",
    walletProviderId: "<YOUR_WALLET_PROVIDER_ID>",
  },
};
  • credentialQuery : Define what information is requested from the user for verification.
  • challenge: A unique challenge string to prevent replay attacks.
  • openid4vpConfiguration: Configuration for the OID4VP flow:
    • redirectUri: The web application to redirect the user to after completing a same-device presentation flow. Must match the redirect URI configured in the Verifier application settings on the MATTR tenant.
    • walletProviderId: The ID of a trusted wallet provider configured in the Verifier application settings on the MATTR tenant. The tenant will only accept mDocs presented by wallets from this provider. Refer to the tutorial to learn how to configure a wallet provider ID for a specific wallet application.

Request credentials and handle the verification results

Requesting credentials from the wallet will trigger the OID4VP flow, including a redirection to the wallet for same-device flows or QR code generation for cross-device flows. Once the flow is completed, the results of the verification will be returned to the application:

Request credentials
const results = await MATTRVerifierSDK.requestCredentials(options);

Once results are returned, you can parse and display them to the user as per your requirements.

This quickstart guide is a basic example of how to use the Verifier Web SDK. To make the solution more secure and representative of real-world integrations, it’s recommended to introduce a backend into the workflow. This “back-channel” approach allows your backend to retrieve and validate verification results directly from your MATTR VII tenant. It also enables you to correlate verification outcomes with user sessions in your own system—something that’s essential for realistic POCs and production deployments. Refer to the tutorial for a more complete example of this approach.

Next steps

  • For your evaluation:
    • Note how long this quickstart took and any friction you encountered.
    • Consider how the sample query and result handling would map to your real verification use case (for example, which attributes you’d request and how you’d display them).
  • Explore the tutorial for detailed instructions and explanations.
  • Refer to the DC API guide to learn how to implement the same verification flow using the Digital Credentials API to request credentials.

How would you rate this page?

Last updated on

Workflow

Previous Page

Tutorial

Next Page

On this page

User experience
Prerequisites
Part 1: Configure the MATTR VII verifier tenant (5 minutes)
Configure a Verifier application on MATTR VII
Configure a trusted issuer
Part 2: Run the Sample Web Verifier Application (5-10 minutes)
Clone the sample application repository
Configure the sample application
Start the application
Update the Verifier application configuration
Part 3: Test the application (5 minutes)
Claim a credential to present
Test the remote verification flow
Understand the codebase
Initialize the SDK
Create a credential query
Define credential request options
Request credentials and handle the verification results
Next steps