Verifier API¶
API for initiating credential verification and validating presentations.
OpenAPI Specification
The Verifier OpenAPI specification is automatically generated from the backend service (springdoc-openapi).
- Verifier API (OpenAPI JSON) (requires the sandbox environment to be active).
Endpoints¶
| Method | Path | Description |
|---|---|---|
POST | /api/v1/authorization-request | Creates a new presentation session (returns session_id + URI/QR). |
GET | /api/v1/authorization-request/{id} | Integrator — Poll the verification status of an existing session by session_id. |
GET | /oid4vp/auth-request/{id} | Wallet-facing (OID4VP protocol) — The Wallet retrieves the presentation request JWT by session ID. Not a verification-status endpoint. |
POST | /oid4vp/auth-response | Wallet-facing (OID4VP protocol) — Endpoint where the Wallet sends the VP Token for verification. |
| Method | Path | Description |
|---|---|---|
GET | /api/login/events | SSE connection: the Portal subscribes to receive the presentation result (?state=<session_state>). |
| Method | Path | Description |
|---|---|---|
GET | /.well-known/openid-configuration | OIDC Discovery for the Verifier. |
GET | /oauth2/jwks | Verifier public keys for cryptographic validation. |
Response modes¶
The wallet sends the VP Token presentation directly via POST to the Verifier.
Response encrypted using the Verifier's public key. Provides stronger privacy on the channel.
Technical notes
- Protocol: OpenID4VP (OID4VP).
- Compatible with: OAuth2 / OIDC.
- Supported formats: JWT VP · SD-JWT VC (
dc+sd-jwt). - Cryptography: ES256 (ECDSA P-256).