Verifying Verifiable Credentials via Digital Credentials API

This guide provides a comprehensive walkthrough for verifying a Verifiable Credential based on the W3C standard using the walt.id Verifier2 API. The verification process will utilize the Digital Credentials API (DC API), an extension of OpenID, facilitating secure and standardized communication between identities.

We recommend checking out our Digital Credential Button project, which provides a reference for how to invoke the Browser-based DC API. It contains up to date tutorials for setting up and end to end demo utilizing the DC API. This guide will just focus on how to configure the Verifier API for this use case.

Step 1: Preparing the Verification Session

VerificationSession defines the full lifecycle from authorization request → user presentation → policy validation → final result.

We support two different protocols for the DC API:

  • Over 18013-7 (Annex C) using flow_type = "dc_api-annex-c"
  • Over OpenID4VP 1.0 (Annex D) using flow_type = "dc_api"

For each of these, we support both same device and cross device flows. You can find many examples in the Digital Credential Button project as well as the swagger documentation for the Verifier API.

CURL

Endpoint: /verification-session/create | API Reference

Example Request

curl -X 'POST' \
  'https://verifier2.portal.test.waltid.cloud/verification-session/create' \
  -H 'accept: */*' \
  -H 'Authorization: Bearer {yourToken}' \
  -H 'Content-Type: application/json' \
  -d '{
  "flow_type": "dc_api",
  "core": {
    "dcql_query": {
      "credentials": [
        {
          "id": "my_mdl",
          "format": "mso_mdoc",
          "meta": {
            "doctype_value": "org.iso.18013.5.1.mDL"
          },
          "claims": [
            {
              "path": [
                "org.iso.18013.5.1",
                "family_name"
              ]
            },
            {
              "path": [
                "org.iso.18013.5.1",
                "given_name"
              ]
            },
            {
              "path": [
                "org.iso.18013.5.1",
                "age_over_21"
              ]
            }
          ]
        }
      ]
    },
    "signed_request": true,
    "encrypted_response": true,
    "clientId": "x509_hash:abc-xyz-base64url-sha256-hash-of-der-x509-leaf",
    "key": {
      "type": "jwk",
      "jwk": {
        "kty": "EC",
        "d": "AEb4k1BeTR9xt2NxYZggdzkFLLUkhyyWvyUOq3qSiwA",
        "crv": "P-256",
        "kid": "_nd-T2YRYLSmuKkJZlRI641zrCIJLTpiHeqMwXuvdug",
        "x": "G_TgBc0BkmMipiQ_6gkamIn3mmp7hcTrZuyrLTmknP0",
        "y": "VkRMZdXYXSMff5AJLrnHiN0x5MV6u_8vrAcytGUe4z4"
      }
    }
  },
  "expectedOrigins": [
    "http://localhost:7003"
  ]
}'

Body Parameters

  • flow_type: The flow type to be used for the verification.
  • core_flow: The core flow to be used for the verification.
    • dcql_query: The DCQL query to be used for the verification.
    • policies: The policies to be applied to the verification. You can find a list of all policies here.
  • redirects - An object containing the success and error redirect URLs. In previous versions of the verifier service, the redirect URLs were passed through headers successRedirectUri and errorRedirectUri.
  • urlHost - The host of the URL to be used for the verification session. In previous versions of the verifier service, the urlHost was passed through header authorizeBaseUrl.
  • urlPrefix - The prefix of the URL to be used for the verification session.
  • signed_request - Whether the request should be signed.
  • encrypted_response - Whether the response should be encrypted.
  • expectedOrigins: The expected origins for the verification. This is a requirement of the DC API.
  • clientId: The client ID to be used for the verification as per the HAIP specification.
  • key: The key used by the wallet to encrypt the response to the verifier (optional based on if you are using encrypted_response).

Response

{
  "sessionId": "ff4f0c86-56ce-4e4a-a137-dd5569049ff3",
  "bootstrapAuthorizationRequestUrl": "openid4vp://authorize?client_id=did%3Ajwk%3AeyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5Iiwia2lkIjoiU05JZ1ItTHZzSEUtNkhUUGxYYUpQVDVubHRZMFpqZlA0VkpTWEwzQ2ZkMCIsIngiOiJIVWM1ZHY1eFREV3VMVmZQcFdvVXBWTjZ1QTNJNzBsVzVnNEhoMG5VaDQ0In0&request_uri=http%3A%2F%2Forg.enterprise.localhost%3A3000%2Fv1%2Forg.tenant.verifier%2Fverifier2-service-api%2Fff4f0c86-56ce-4e4a-a137-dd5569049ff3%2Frequest",
  "fullAuthorizationRequestUrl": "openid4vp://authorize?response_type=vp_token&client_id=did%3Ajwk%3AeyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5Iiwia2lkIjoiU05JZ1ItTHZzSEUtNkhUUGxYYUpQVDVubHRZMFpqZlA0VkpTWEwzQ2ZkMCIsIngiOiJIVWM1ZHY1eFREV3VMVmZQcFdvVXBWTjZ1QTNJNzBsVzVnNEhoMG5VaDQ0In0&state=8faa6212-465f-4e3f-9a44-649d3d65845c&response_mode=direct_post&nonce=9a054852-46ab-4bbe-8fc1-b96882afcc4f&response_uri=http%3A%2F%2Forg.enterprise.localhost%3A3000%2Fv1%2Forg.tenant.verifier%2Fverifier2-service-api%2Fff4f0c86-56ce-4e4a-a137-dd5569049ff3%2Fresponse&dcql_query=%7B%22credentials%22%3A%5B%7B%22id%22%3A%22pid%22%2C%22format%22%3A%22dc%2Bsd-jwt%22%2C%22meta%22%3A%7B%22vct_values%22%3A%5B%22http%3A%2F%2Forg.enterprise.localhost%3A3000%2Fv1%2Fwaltid.issuer%2Fissuer-service-api%2Fopenid4vc%2Fdraft13%2Fidentity_credential%22%5D%7D%2C%22claims%22%3A%5B%7B%22path%22%3A%5B%22given_name%22%5D%7D%2C%7B%22path%22%3A%5B%22family_name%22%5D%7D%2C%7B%22path%22%3A%5B%22address%22%2C%22street_address%22%5D%7D%5D%7D%5D%7D&client_metadata=%7B%22client_name%22%3A%22walt.id+Enterprise+Verifier%22%2C%22logo_uri%22%3A%22https%3A%2F%2Fcdn.walt.id%2Fverifier%2Flogo.png%22%7D",
  "creationTarget": "org.tenant.verifier.ff4f0c86-56ce-4e4a-a137-dd5569049ff3"
}

You will receive a response containing the following fields:

  • sessionId: The ID of the verification session.
  • bootstrapAuthorizationRequestUrl: The shortened URL to the authorization request.
  • fullAuthorizationRequestUrl: The full URL to the authorization request.
  • creationTarget: The target of the verification session.

Step 2: Generating the DC API Request

For the next step, take the sessionId and make the following request to get the DC API request URL.

CURL
curl -X 'GET' \
  'https://verifier2.portal.test.waltid.cloud/verification-session/{sessionId}/request' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer {yourToken}'

Which will return the DC API request URL, which can be used with the Browser API

{
  "digital": {
    "requests": [
      {
        "protocol": "openid4vp-v1-signed",
        "data": {
          "client_id": "x509_hash:abc-xyz-base64url-sha256-hash-of-der-x509-leaf",
          "expected_origins": [
            "https://digital-credentials.walt.id"
          ],
          "request": "eyJ0eXAiOiJvYXV0aC1hdXRoei1yZXErand0IiwiZXhwIjoxNzY0Nzc4NjE3LCJpYXQiOjE3NjQ3NzgzMTcsImFsZyI6IkVTMjU2IiwieDVjIjpbIk1JSUJWekNCL2FBREFnRUNBZ2dOS1pBdlVydGltekFLQmdncWhrak9QUVFEQWpBZk1SMHdHd1lEVlFRRERCUjJaWEpwWm1sbGNpNWxlR0Z0Y0d4bExtTnZiVEFlRncweU5URXdNVFF3TmpJME1qQmFGdzB5TmpFd01UUXdOakkwTWpCYU1COHhIVEFiQmdOVkJBTU1GSFpsY21sbWFXVnlMbVY0WVcxd2JHVXVZMjl0TUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFRy9UZ0JjMEJrbU1pcGlRLzZna2FtSW4zbW1wN2hjVHJadXlyTFRta25QMVdSRXhsMWRoZEl4OS9rQWt1dWNlSTNUSGt4WHE3L3krc0J6SzBaUjdqUHFNak1DRXdId1lEVlIwUkJCZ3dGb0lVZG1WeWFXWnBaWEl1WlhoaGJYQnNaUzVqYjIwd0NnWUlLb1pJemowRUF3SURTUUF3UmdJaEFPdTBSR002QmpWUVVlcGVMQm9ndytaRDNNUTl2RnBwYlBJR01QanRuL3FkQWlFQXR0ZmRmeVhIZnpKMnRyK1Bjenlja3p2M05sTTQzNDYxY3ZQOTZzSXpPUUE9Il19.eyJyZXNwb25zZV90eXBlIjoidnBfdG9rZW4iLCJjbGllbnRfaWQiOiJ4NTA5X2hhc2g6YWJjLXh5ei1iYXNlNjR1cmwtc2hhMjU2LWhhc2gtb2YtZGVyLXg1MDktbGVhZiIsInJlc3BvbnNlX21vZGUiOiJkY19hcGkiLCJub25jZSI6IjE1ZmI2YTQ2LTQyNTktNDVlYy05NDFkLWU0NWQwYjA4YTlhZiIsImRjcWxfcXVlcnkiOnsiY3JlZGVudGlhbHMiOlt7ImlkIjoibXlfbWRsIiwiZm9ybWF0IjoibXNvX21kb2MiLCJtZXRhIjp7ImRvY3R5cGVfdmFsdWUiOiJvcmcuaXNvLjE4MDEzLjUuMS5tREwifSwiY2xhaW1zIjpbeyJwYXRoIjpbIm9yZy5pc28uMTgwMTMuNS4xIiwiZmFtaWx5X25hbWUiXX0seyJwYXRoIjpbIm9yZy5pc28uMTgwMTMuNS4xIiwiZ2l2ZW5fbmFtZSJdfSx7InBhdGgiOlsib3JnLmlzby4xODAxMy41LjEiLCJhZ2Vfb3Zlcl8yMSJdfV19XX0sImNsaWVudF9tZXRhZGF0YSI6e30sImV4cGVjdGVkX29yaWdpbnMiOlsiaHR0cHM6Ly9kaWdpdGFsLWNyZWRlbnRpYWxzLndhbHQuaWQiXX0.ESqmoJ_vpD-GQMSmw8CCdQWbiZQ9CBiuHnVi87DO3Jd94HPb48n-Zz9CwDw7R_ytd6_pPlZTUnpKLuVHMfWlog"
        }
      }
    ]
  }
}

Step 3: Handling the response

Once the wallet presents the credential, you will receive a response from the DC API containing the verifiable presentation like so from the wallet

{
  "protocol": "openid4vp-v1-signed",
  "data": {
    "vp_token": {
      "my_mdl": [
        "o2d2ZXJzaW9uYzEuMGlkb2N1bWVudHOBo2dkb2NUeXBldW9yZy5pc28uMTgwMTMuNS4xLm1ETGxpc3N1ZXJTaWduZWSiam5hbWVTcGFjZXOhcW9yZy5pc28uMTgwMTMuNS4xg9gYWFSkaGRpZ2VzdElEAGZyYW5kb21QEloNL96oPMkJmnXv9ESbW3FlbGVtZW50SWRlbnRpZmllcmtmYW1pbHlfbmFtZWxlbGVtZW50VmFsdWVlU21pdGjYGFhRpGhkaWdlc3RJRAFmcmFuZG9tUKQwy6zsJN0wZkMPQxjbyWJxZWxlbWVudElkZW50aWZpZXJqZ2l2ZW5fbmFtZWxlbGVtZW50VmFsdWVjSm9u2BhYT6RoZGlnZXN0SUQCZnJhbmRvbVBfiTVUPq1IQvzu0cugg7b9cWVsZW1lbnRJZGVudGlmaWVya2FnZV9vdmVyXzIxbGVsZW1lbnRWYWx1ZfVqaXNzdWVyQXV0aIRDoQEmoRghWQLEMIICwDCCAmegAwIBAgIUHn8bMq1PNO_ksMwHt7DjM6cLGE0wCgYIKoZIzj0EAwIweTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxHDAaBgNVBAoME0RpZ2l0YWwgQ3JlZGVudGlhbHMxHzAdBgNVBAMMFmRpZ2l0YWxjcmVkZW50aWFscy5kZXYwHhcNMjUwMjE5MjMzMDE4WhcNMjYwMjE5MjMzMDE4WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEcMBoGA1UECgwTRGlnaXRhbCBDcmVkZW50aWFsczEfMB0GA1UEAwwWZGlnaXRhbGNyZWRlbnRpYWxzLmRldjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOt5Nivi1_OXw1AEfYPh42Is41VrNg9qaMdYuw3cavhsCa-aXV0NmTl2EsNaJ5GWmMoAD8ikwAFszYhIeNgF42mjgcwwgckwHwYDVR0jBBgwFoAUok_0idl8Ruhuo4bZR0jOzL7cz_UwHQYDVR0OBBYEFN_-aloS6cBixLyYpyXS2XD3emAoMDQGA1UdHwQtMCswKaAnoCWGI2h0dHBzOi8vZGlnaXRhbC1jcmVkZW50aWFscy5kZXYvY3JsMCoGA1UdEgQjMCGGH2h0dHBzOi8vZGlnaXRhbC1jcmVkZW50aWFscy5kZXYwDgYDVR0PAQH_BAQDAgeAMBUGA1UdJQEB_wQLMAkGByiBjF0FAQIwCgYIKoZIzj0EAwIDRwAwRAIgYcXL9XzB43vy4LEz2h8gMQRdcJtaIRQOemgwm8sHQucCIHCvouHEm_unjBXMCeUZ7QR_ympjGyHITw25_B9H9QsCWQOk2BhZA5-mZ3ZlcnNpb25jMS4wb2RpZ2VzdEFsZ29yaXRobWdTSEEtMjU2Z2RvY1R5cGV1b3JnLmlzby4xODAxMy41LjEubURMbHZhbHVlRGlnZXN0c6Fxb3JnLmlzby4xODAxMy41LjGxAFggng2tWJR7fp49froXSRnsklR_sI-cX_vtNAgkCpdH7KcBWCC0FPEWRP0z6_Rt-ttqzJN5g6hoLJ3nrVljFBcO7RybfwJYIO6B7hZWOTAt0Kz_o7zCJclTcb6SJr_404PWx8RAzjN_A1ggeLRVnN98xkCw3ysIv4PDTCAhZkTqgDSVi-jkN9poMYUEWCDowY3mzymtYR69jFIoHo-NrNdCCxD9k9OogqIHrU3m0QVYILN8AZMmJ9Qq9bwUbsVAQVUP-QtoPmlYdIBTmXJNbr1oBlggzqXSfF8t4hF5hU5wGmxZa0he4VTpAQOCeUTNKP5rA5wHWCATqvZD_qvPdBVcFyUxmIRAK3CgDFrAdzfLMkkRyIIDzAhYIKzeNnZGdWcMC2mXpck7pWMHiVOMDGqSA5M_1lfqO7-wCVggVOyCZq3s73xJMoLhL4b1zoa_hV_twW4xUtyyoWm98nMKWCAzTGC3kG1f25U5RLQUOPNZ1fslnEvfMeLrRXgj19yFxgtYII0QK_PhhkC_VYFaCysXkdtwBGJb6Z3I8fFufwgIGo2NDFggQHxV4YQJLdbpxcfZiPIuocbCZDozc1f0fe9m4-lwVnENWCCY0f4Pabks2V2efyNUpA-Bc0qSG88o0gYgg6mZ-d48ww5YIHDHCfY18n5O6_740xNe_5HMn7D0jHFFymsk5FCNRSQ2D1gg4Qu7JMWCmI1bO1L8kN59jpJyZ9QXNgsG2p679UzAomAQWCAbGPycoabYvTGW6hX0onS3jiCLdi874pBb-hzB1STJ4W1kZXZpY2VLZXlJbmZvoWlkZXZpY2VLZXmkAQIgASFYIEgd6IsLll1JJy7WL7pRu_fcGKaJ8xCKt6klhXBcQJ9PIlggni7iZtdNwuuORu3f_5AeypnVHIu_U5rm4FtrGy-YyIJsdmFsaWRpdHlJbmZvo2ZzaWduZWTAeBsyMDI1LTA5LTI5VDAwOjE5OjUzLjYwODQ3M1ppdmFsaWRGcm9twHgbMjAyNS0wOS0yOVQwMDoxOTo1My42MDg0OTFaanZhbGlkVW50aWzAeBsyMDM1LTA5LTE3VDAwOjE5OjUzLjYwODQ5MlpYQCm_oEaEsbGd7vTDkT1DyLfJ8AYw4AVYYH5mvypCWe09qV2-iLNWF_Q5QMUwOotaJrblStdSZQK-HQydqYXumaxsZGV2aWNlU2lnbmVkompuYW1lU3BhY2Vz2BhBoGpkZXZpY2VBdXRooW9kZXZpY2VTaWduYXR1cmWEQ6EBJqD2WEAsvLdoWQ6ZxizNT8YFz3Kl0nkZDPv1UGjMTDuvCJcH7QCetj6_obSYXIQik5bBY4Pw1CmEsOwMMccuCincIxkoZnN0YXR1cwA"
      ]
    }
  }
}

Which you pass to the following verifier endpoint to verify the credential and run any policies you have configured.

CURL
curl -X 'POST' \
  'https://verifier2.portal.test.waltid.cloud/verification-session/{sessionId}/response' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer {yourToken}'
  -d '
  "protocol": "openid4vp-v1-signed",
  "data": {
    "vp_token": {
      "my_mdl": [
        "o2d2ZXJzaW9uYzEuMGlkb2N1bWVudHOBo2dkb2NUeXBldW9yZy5pc28uMTgwMTMuNS4xLm1ETGxpc3N1ZXJTaWduZWSiam5hbWVTcGFjZXOhcW9yZy5pc28uMTgwMTMuNS4xg9gYWFSkaGRpZ2VzdElEAGZyYW5kb21QEloNL96oPMkJmnXv9ESbW3FlbGVtZW50SWRlbnRpZmllcmtmYW1pbHlfbmFtZWxlbGVtZW50VmFsdWVlU21pdGjYGFhRpGhkaWdlc3RJRAFmcmFuZG9tUKQwy6zsJN0wZkMPQxjbyWJxZWxlbWVudElkZW50aWZpZXJqZ2l2ZW5fbmFtZWxlbGVtZW50VmFsdWVjSm9u2BhYT6RoZGlnZXN0SUQCZnJhbmRvbVBfiTVUPq1IQvzu0cugg7b9cWVsZW1lbnRJZGVudGlmaWVya2FnZV9vdmVyXzIxbGVsZW1lbnRWYWx1ZfVqaXNzdWVyQXV0aIRDoQEmoRghWQLEMIICwDCCAmegAwIBAgIUHn8bMq1PNO_ksMwHt7DjM6cLGE0wCgYIKoZIzj0EAwIweTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxHDAaBgNVBAoME0RpZ2l0YWwgQ3JlZGVudGlhbHMxHzAdBgNVBAMMFmRpZ2l0YWxjcmVkZW50aWFscy5kZXYwHhcNMjUwMjE5MjMzMDE4WhcNMjYwMjE5MjMzMDE4WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEcMBoGA1UECgwTRGlnaXRhbCBDcmVkZW50aWFsczEfMB0GA1UEAwwWZGlnaXRhbGNyZWRlbnRpYWxzLmRldjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOt5Nivi1_OXw1AEfYPh42Is41VrNg9qaMdYuw3cavhsCa-aXV0NmTl2EsNaJ5GWmMoAD8ikwAFszYhIeNgF42mjgcwwgckwHwYDVR0jBBgwFoAUok_0idl8Ruhuo4bZR0jOzL7cz_UwHQYDVR0OBBYEFN_-aloS6cBixLyYpyXS2XD3emAoMDQGA1UdHwQtMCswKaAnoCWGI2h0dHBzOi8vZGlnaXRhbC1jcmVkZW50aWFscy5kZXYvY3JsMCoGA1UdEgQjMCGGH2h0dHBzOi8vZGlnaXRhbC1jcmVkZW50aWFscy5kZXYwDgYDVR0PAQH_BAQDAgeAMBUGA1UdJQEB_wQLMAkGByiBjF0FAQIwCgYIKoZIzj0EAwIDRwAwRAIgYcXL9XzB43vy4LEz2h8gMQRdcJtaIRQOemgwm8sHQucCIHCvouHEm_unjBXMCeUZ7QR_ympjGyHITw25_B9H9QsCWQOk2BhZA5-mZ3ZlcnNpb25jMS4wb2RpZ2VzdEFsZ29yaXRobWdTSEEtMjU2Z2RvY1R5cGV1b3JnLmlzby4xODAxMy41LjEubURMbHZhbHVlRGlnZXN0c6Fxb3JnLmlzby4xODAxMy41LjGxAFggng2tWJR7fp49froXSRnsklR_sI-cX_vtNAgkCpdH7KcBWCC0FPEWRP0z6_Rt-ttqzJN5g6hoLJ3nrVljFBcO7RybfwJYIO6B7hZWOTAt0Kz_o7zCJclTcb6SJr_404PWx8RAzjN_A1ggeLRVnN98xkCw3ysIv4PDTCAhZkTqgDSVi-jkN9poMYUEWCDowY3mzymtYR69jFIoHo-NrNdCCxD9k9OogqIHrU3m0QVYILN8AZMmJ9Qq9bwUbsVAQVUP-QtoPmlYdIBTmXJNbr1oBlggzqXSfF8t4hF5hU5wGmxZa0he4VTpAQOCeUTNKP5rA5wHWCATqvZD_qvPdBVcFyUxmIRAK3CgDFrAdzfLMkkRyIIDzAhYIKzeNnZGdWcMC2mXpck7pWMHiVOMDGqSA5M_1lfqO7-wCVggVOyCZq3s73xJMoLhL4b1zoa_hV_twW4xUtyyoWm98nMKWCAzTGC3kG1f25U5RLQUOPNZ1fslnEvfMeLrRXgj19yFxgtYII0QK_PhhkC_VYFaCysXkdtwBGJb6Z3I8fFufwgIGo2NDFggQHxV4YQJLdbpxcfZiPIuocbCZDozc1f0fe9m4-lwVnENWCCY0f4Pabks2V2efyNUpA-Bc0qSG88o0gYgg6mZ-d48ww5YIHDHCfY18n5O6_740xNe_5HMn7D0jHFFymsk5FCNRSQ2D1gg4Qu7JMWCmI1bO1L8kN59jpJyZ9QXNgsG2p679UzAomAQWCAbGPycoabYvTGW6hX0onS3jiCLdi874pBb-hzB1STJ4W1kZXZpY2VLZXlJbmZvoWlkZXZpY2VLZXmkAQIgASFYIEgd6IsLll1JJy7WL7pRu_fcGKaJ8xCKt6klhXBcQJ9PIlggni7iZtdNwuuORu3f_5AeypnVHIu_U5rm4FtrGy-YyIJsdmFsaWRpdHlJbmZvo2ZzaWduZWTAeBsyMDI1LTA5LTI5VDAwOjE5OjUzLjYwODQ3M1ppdmFsaWRGcm9twHgbMjAyNS0wOS0yOVQwMDoxOTo1My42MDg0OTFaanZhbGlkVW50aWzAeBsyMDM1LTA5LTE3VDAwOjE5OjUzLjYwODQ5MlpYQCm_oEaEsbGd7vTDkT1DyLfJ8AYw4AVYYH5mvypCWe09qV2-iLNWF_Q5QMUwOotaJrblStdSZQK-HQydqYXumaxsZGV2aWNlU2lnbmVkompuYW1lU3BhY2Vz2BhBoGpkZXZpY2VBdXRooW9kZXZpY2VTaWduYXR1cmWEQ6EBJqD2WEAsvLdoWQ6ZxizNT8YFz3Kl0nkZDPv1UGjMTDuvCJcH7QCetj6_obSYXIQik5bBY4Pw1CmEsOwMMccuCincIxkoZnN0YXR1cwA"
      ]
    }
  }
}
'

Validating the Verification Session

You can query the verification session by using the following endpoint:

CURL
curl -X 'GET' \
  'https://verifier2.portal.test.waltid.cloud/verification-session/{sessionId}/info' \
  -H 'accept: application/json'
  -H 'Authorization: Bearer {yourToken}'

This will return the verification session object containing the following useful fields:

  • status: The status of the verification session.
  • attempted: Whether the verification session has been attempted.
  • reattemptable: Whether the verification session can be retried.
  • policyResults: The results of the policies applied to the verification session.
  • presentedRawData: The raw data verifiable presentation token.
  • presentedCredentials: The parsed credentials presented by the user.

Policy results will be split into vcPolicy and vpPolicy results. More information about the policy results can be found here.

You can find more information on how to configure different DC API request flows, and how to interact with the Browser-based DC API in our Digital Credential Button project.

Last updated on April 16, 2026
Verify Mobile Driver's Licenses (ISO/IEC 18013-7 mDL)Overview