Sign a Digital Covid Certificate

Introduction

This guide will step through how to issue a Digital Covid Certificate (DCC).

Prerequisites

You need the following in order to proceed with this tutorial

- Access to MATTR VII APIs

- A document signer loaded onto your MATTR VII tenant

- A valid EU Digital Covid Certificate JSON payload that conforms to schema version 1.3 or above.

If you’re experiencing any difficulties, please contact us.

Sign a DCC

A valid DCC JSON payload must be supplied in the body of the sign request.

The certificate will be signed using CBOR Object Signing and Encryption (COSE), as per the EUDCC specification, and then encoded as a base45 string.

As part of processing the request, validation will be performed against the DCC schema, using the version specified in the DCC payload, to ensure the DCC is valid before being signed.

The data provided in the request is not stored at any stage on the MATTR platform. The information is held temporarily in memory to allow the processing of the request and discarded once generated.

Sign a DCC by invoking the API as follows.

Request

http
Copy to clipboard.
1POST https://YOUR_TENANT_SUBDOMAIN.vii.mattr.global/ext/dcc/v1/sign
json
Copy to clipboard.
1{
2    "payload": {
3        "ver": "1.3.0",
4        "nam": {
5        "fn": "Smith-Jones",
6        "fnt": "SMITH<JONES",
7        "gn": "Charles Edward",
8        "gnt": "CHARLES<EDWARD"
9        },
10        "dob": "1964-01-01",
11        "v": [
12        {
13            "tg": "840539006",
14            "vp": "1119349007",
15            "mp": "EU/1/20/1507",
16            "ma": "ORG-100031184",
17            "dn": 1,
18            "sd": 2,
19            "dt": "2021-06-11",
20            "co": "NL",
21            "is": "Ministry of Health Welfare and Sport",
22            "ci": "URN:UVCI:01:NL:DADFCC47C7334E45A906DB12FD859FB7#1"
23        }
24        ]
25    }
26}

Response

json
Copy to clipboard.
1{
2    "payload": "HC1:6BFOXN%TSMAHN-HQO8%TEN*FQ8RESL/R83MJ2FCXK9.JAEJP .I0NUULINJPIRPQHIZC4TPIFRMLNKNM8POCEUG*%NH$RSC98IF3MOAGJGB3D0C5HF80P1FDEZ48MOQ:J* 3I0CU0GQJO9NT.HFCA3 X8 KLYF1FD5-FHWC59NT8X4Q2QC:HQ-77JO+0M7NS A8HJP7NVDEBR0JE+45$0H78HABVCNAHLW 70SO:GOLIROGO3T59YLLYP-HQLTQ9R0+L67PPDFPVX1R270:6NEQ.P6KLU%TE6UG+ZEAT1HQ1BT1VW5IMIBRUFTIPPAIMI.J9WVHDYHT-84LTYD3SZ4I25FMV3ZCU3B5IVV5TN%2UP20J5/5LEBFD-48YIM557AL XK$%2XE557TT25-037:2SP4*2DN43U*0CEBQ/GXQFY73OMBMNVVINARNQA77UJ4O79J3*UJLOJ/G7DG3VIN 73PLN09B6LBUC7AK5J5S8BHJHQA$LPQVGD6QHK*$P8RFR76MK6%ARZWCBCBTBTZSU*FLR3JMX4ICV+7OD+AN-2P8EMJIVDF17F7LT6SF*8UA7OB2JR748CLI 9V+VV10EHSA1",
3    "metadata": {
4        "documentSignerId": "681c2571-07db-4a95-891a-7ac4d439893d",
5        "issuedAt": "2021-09-20T20:46:17.448Z",
6        "expiry": "2022-09-20T20:46:17.448Z"
7    }
8}

The response includes the signed payload, which is a base45 encoded string that represents the DCC. The response also returns some additional metadata that provides specific information about the signing operation.