| sidebar_position | 2 |
|---|---|
| title | OpenID4VP |
OpenID4VP over the DC API utilizes the mechanisms of the DC API while also allowing to leverage advanced security features of OpenID4VP, if needed. It also defines the OpenID4VP request parameters that MAY be used with the DC API. For more details, refer to the OpenID for Verifiable Presentations specification.
Presentation of the verifiable credentials consists of 2 parts:
- Presentation Request
- Presentation Response
The Verifier backend provides the presentation request to the browser's JavaScript environment, which then invokes the Digital Credentials API as documented in dc-api. The presentation request can be of 2 types:
This is a base64url-encoded and signed Request Object (the example below is signed with ES256 algorithm). More details can be found in the OpenID for Verifiable Presentations specification. Below is an example:
{
"digital": {
"requests": [
{
"data": {
"request": "eyJ0eXAiOiJvYXV0aC1hdXRoei1yZXErand0IiwiYWxnIjoiRVMyNTYiLCJ4NWMiOlsiTUlJQjl6Q0NBWnlnQXdJQkFnSVVVR1d5TllsajZSbnpwNUxJUHRHUFdLelN6QTB3Q2dZSUtvWkl6ajBFQXdJd09URUxNQWtHQTFVRUJoTUNWVk14S2pBb0JnTlZCQU1NSVdScFoybDBZV3hqY21Wa2N5NWtaWFl1ZEhKMWMzUmxaSEJoZEdndWFXNW1iekFlRncweU5UQTBNak14T1RVMk1ETmFGdzB5TmpBME1qTXhPVFUyTUROYU1Ea3hDekFKQmdOVkJBWVRBbFZUTVNvd0tBWURWUVFERENGa2FXZHBkR0ZzWTNKbFpITXVaR1YyTG5SeWRYTjBaV1J3WVhSb0xtbHVabTh3V1RBVEJnY3Foa2pPUFFJQkJnZ3Foa2pPUFFNQkJ3TkNBQVRFUTM1UGd6TlUrMUFnUjZMeGJCUVphSk5pRzlSeEhXQmxkeFdLd25FZ3RWRDFhOGw1eGNnaGxGeGQ2b0lJd3Y2T0FrOE1TaHY4WXpkaTVaWlBWb2pWbzRHQk1IOHdMQVlEVlIwUkJDVXdJNEloWkdsbmFYUmhiR055WldSekxtUmxkaTUwY25WemRHVmtjR0YwYUM1cGJtWnZNQjBHQTFVZERnUVdCQlNDNGVRNXdkVjIrOFE5aU1MMkdEaXArL2l6aVRBZkJnTlZIU01FR0RBV2dCU0M0ZVE1d2RWMis4UTlpTUwyR0RpcCsvaXppVEFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQW9HQ0NxR1NNNDlCQU1DQTBrQU1FWUNJUURYNkJRbW5YN3FOcWl4MWJBeWNaSmZiclJ5VVNPcU8ydUYySDh0MXBoWE5nSWhBUG9yMXNNOE9KaUhYMGUvalRsc01zQ3BpMGk1ekJBaGxUZDBWVndYN0lsOSJdfQ.eyJyZXNwb25zZV90eXBlIjoidnBfdG9rZW4iLCJyZXNwb25zZV9tb2RlIjoiZGNfYXBpLmp3dCIsIm5vbmNlIjoiWlFTQ2t2VktoR2xjUkcyZGRwR0d6c1lOMSIsImNsaWVudF9tZXRhZGF0YSI6eyJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IkVDIiwidXNlIjoiZW5jIiwiY3J2IjoiUC0yNTYiLCJraWQiOiI4OWI3YWIyNDg4ODUyZjVmNDhjMWM0NGNjZTk5NTk1MGMyMWNhM2YxNjRkODFjMDlkNmE1Yzk3Nzk1YjYxOGIzIiwieCI6IkxaMm14c0MzWEQ0TVVNTUVVamRXUFV1MkR5dDc1X2YwVHF1a29FOVFDaVkiLCJ5IjoiV0FuTjNjQlkwVHRueHY1QlBNbksyXzZ1cS1yQTN0ME03MGpkZ25VbmhsRSJ9XX0sInZwX2Zvcm1hdHNfc3VwcG9ydGVkIjp7Im1zb19tZG9jIjp7Imlzc3VlcmF1dGhfYWxnX3ZhbHVlcyI6Wy03XSwiZGV2aWNlYXV0aF9hbGdfdmFsdWVzIjpbLTddfX19LCJkY3FsX3F1ZXJ5Ijp7ImNyZWRlbnRpYWxzIjpbeyJpZCI6Im1kbCIsImZvcm1hdCI6Im1zb19tZG9jIiwibWV0YSI6eyJkb2N0eXBlX3ZhbHVlIjoib3JnLmlzby4xODAxMy41LjEubURMIn0sImNsYWltcyI6W3sicGF0aCI6WyJvcmcuaXNvLjE4MDEzLjUuMSIsImZhbWlseV9uYW1lIl19LHsicGF0aCI6WyJvcmcuaXNvLjE4MDEzLjUuMSIsImdpdmVuX25hbWUiXX1dfV19LCJjbGllbnRfaWQiOiJ4NTA5X3Nhbl9kbnM6ZGlnaXRhbGNyZWRzLmRldi50cnVzdGVkcGF0aC5pbmZvIiwiZXhwZWN0ZWRfb3JpZ2lucyI6WyJodHRwczovL2RpZ2l0YWxjcmVkcy5kZXYudHJ1c3RlZHBhdGguaW5mbyJdfQ.uybMmjpTG9wCXNgnXGkBiFax8owB-cPy560PSxrufFGS4puw_E9tPgMueah_Wj87tSfKC0f3YIuD4MW1ca1M3g"
},
"protocol": "openid4vp-v1-signed"
}
]
}
}This is a JSON object. Below is an example:
{
"digital": {
"requests": [
{
"data": {
"client_metadata": {
"vp_formats_supported": {
"mso_mdoc": {
"deviceauth_alg_values": [
-7
],
"issuerauth_alg_values": [
-7
]
}
}
},
"dcql_query": {
"credentials": [
{
"claims": [
{
"path": [
"org.iso.18013.5.1",
"family_name"
]
},
{
"path": [
"org.iso.18013.5.1",
"given_name"
]
}
],
"format": "mso_mdoc",
"id": "mdl",
"meta": {
"doctype_value": "org.iso.18013.5.1.mDL"
}
}
]
},
"nonce": "WEHZdYwHcVzHyp8lw62LwV8Ay",
"response_mode": "dc_api",
"response_type": "vp_token"
},
"protocol": "openid4vp-v1-unsigned"
}
]
}
}The Verifier backend receives the presentation response from the browser's JavaScript environment, which had invoked the Digital Credentials API as documented in dc-api. This response can then be relayed to the Verifier backend for verification. More details can be found in the OpenID for Verifiable Presentations specification. The response can be of 2 types:
Details can be found in the OpenID for Verifiable Presentations specification. Below is an example of mdl encrypted response:
{
"data":{
"vp_token":{
"mdl": ["o2d2ZXJzaW9uYzEuMGlkb2N1bWVudHOBo2dkb2NUeXBldW9yZy5pc28uMTgwMTMuNS4xLm1ETGxpc3N1ZXJTaWduZWSiam5hbWVTcGFjZXOhcW9yZy5pc28uMTgwMTMuNS4xgtgYWFSkaGRpZ2VzdElEAGZyYW5kb21QyA1rq3z_3nYPSLhoQwcl0HFlbGVtZW50SWRlbnRpZmllcmtmYW1pbHlfbmFtZWxlbGVtZW50VmFsdWVlU21pdGjYGFhRpGhkaWdlc3RJRAFmcmFuZG9tUKfN8mrTghU-esMmxdQJ9NFxZWxlbWVudElkZW50aWZpZXJqZ2l2ZW5fbmFtZWxlbGVtZW50VmFsdWVjSm9uamlzc3VlckF1dGiEQ6EBJqEYIVkCxDCCAsAwggJnoAMCAQICFB5_GzKtTzTv5LDMB7ew4zOnCxhNMAoGCCqGSM49BAMCMHkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRwwGgYDVQQKDBNEaWdpdGFsIENyZWRlbnRpYWxzMR8wHQYDVQQDDBZkaWdpdGFsY3JlZGVudGlhbHMuZGV2MB4XDTI1MDIxOTIzMzAxOFoXDTI2MDIxOTIzMzAxOFoweTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxHDAaBgNVBAoME0RpZ2l0YWwgQ3JlZGVudGlhbHMxHzAdBgNVBAMMFmRpZ2l0YWxjcmVkZW50aWFscy5kZXYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATreTYr4tfzl8NQBH2D4eNiLONVazYPamjHWLsN3Gr4bAmvml1dDZk5dhLDWieRlpjKAA_IpMABbM2ISHjYBeNpo4HMMIHJMB8GA1UdIwQYMBaAFKJP9InZfEbobqOG2UdIzsy-3M_1MB0GA1UdDgQWBBTf_mpaEunAYsS8mKcl0tlw93pgKDA0BgNVHR8ELTArMCmgJ6AlhiNodHRwczovL2RpZ2l0YWwtY3JlZGVudGlhbHMuZGV2L2NybDAqBgNVHRIEIzAhhh9odHRwczovL2RpZ2l0YWwtY3JlZGVudGlhbHMuZGV2MA4GA1UdDwEB_wQEAwIHgDAVBgNVHSUBAf8ECzAJBgcogYxdBQECMAoGCCqGSM49BAMCA0cAMEQCIGHFy_V8weN78uCxM9ofIDEEXXCbWiEUDnpoMJvLB0LnAiBwr6LhxJv7p4wVzAnlGe0Ef8pqYxshyE8NufwfR_ULAlkDpNgYWQOfpmd2ZXJzaW9uYzEuMG9kaWdlc3RBbGdvcml0aG1nU0hBLTI1Nmdkb2NUeXBldW9yZy5pc28uMTgwMTMuNS4xLm1ETGx2YWx1ZURpZ2VzdHOhcW9yZy5pc28uMTgwMTMuNS4xsQBYIFzyZQg7ZkA1grdjM108zXfkzvHbFzlHOScn1GzZuv9OAVggXqOWEQI2XOdh43n-MHE1x9rwiCgyja9nGa6S3G7g0gwCWCAmSGOpISfK-s-ZpQIbcHVvYPEzjwuylPH-p8gc-n-04ANYIEBqAowiUts3l8LarZKqC7xDRcZQZEJ_La-Me_KjEmmzBFggcXDzD63D47INHQsad5Pxki834H4FNqUnJqHIsX_Z0BgFWCB929W3tRFzoRjElZksBRAzxdbqa3f8PVkoWjh1yK__OAZYIFB3Vn7spJAC-Gn8KHug63EOVoGbpfpgAGaplclPDRqqB1gg13dSWEeFYHH8KAzvvanHfH32PDME_8gxNMaaL_ajXa0IWCDimYKHpAKbLvP4fmh1iurn9nwJsa-qsTvOjmfq1qwMLQlYIJ30LH7o2TcTAgZWirVxOyxxF51Jw54XXHNURAI1bvRMClggqOdnvNdQEU4ly--lhhxuUMI6lgxEodCKNGLQ32AYZlwLWCCdn58bs0LsocwbrqeP38S_ETsVhbqYsZO1ISfNngoqmwxYIBpSS-NQZxNeiDpd6ed0EDDkcZ3d-Blqm4Mtg8vghwA3DVgg72cx0M_GmKyJXFlIZ7VsOsdWNjBYU6Efpck8_o51wRMOWCAhVhijSGH2AxUW4NZGa8TZEPzGt8HB5VNTIvMsC8ViaQ9YILQ5HQfNgQVrJdDE3kgKCosXjWpb5cf9xZSN1VTaD5vZEFgg1_wsn7f8q_MZtj5jgd1xv9GHkG20vW-AjBtNUtWMaMptZGV2aWNlS2V5SW5mb6FpZGV2aWNlS2V5pAECIAEhWCCl92rQyXlTH9IGjptkf1-NAqp7TlWQpc6U8c3ymc41EyJYIMuP7pXU_susKXLY0UZYbZfWppwqWAN7biHi83EXe4vEbHZhbGlkaXR5SW5mb6Nmc2lnbmVkwHgbMjAyNS0wNi0xNlQxNTo1NjowNy40MzQ4NDJaaXZhbGlkRnJvbcB4GzIwMjUtMDYtMTZUMTU6NTY6MDcuNDM0ODU2Wmp2YWxpZFVudGlswHgbMjAzNS0wNi0wNFQxNTo1NjowNy40MzQ4NTdaWEDVVbsN81M2DVAUxo2OKwC5evVExkrzJsfAGAjdoz3hMAkq64Eip2-9-Ja8SmiNc6cwqKXIG_RcKH877YZM9XxybGRldmljZVNpZ25lZKJqbmFtZVNwYWNlc9gYQaBqZGV2aWNlQXV0aKFvZGV2aWNlU2lnbmF0dXJlhEOhASag9lhA5H_ywACJmomFe_KE-g7JV-GPCqBZ7codseoXzFDlLdyp9nn7mWTACb9ZblP3IjzA-7yQXJsPeDf2DRNfB0FWjmZzdGF0dXMA"]
}
},
"id":"",
"protocol": "openid4vp-v1-unsigned",
"type":"digital"
}More details can be found in the OpenID for Verifiable Presentations specification. Below is an example of sd-jwt unencrypted response:
{
"data":{
"vp_token":{
"pid": ["eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImRjK3NkLWp3dCIsICJ4NWMiOiBbIk1JSUM1akNDQW8yZ0F3SUJBZ0lVRVJjNEQzRVpQY25MdXg2N1ZWZDU4d2lrWGRjd0NnWUlLb1pJemowRUF3SXdlakVMTUFrR0ExVUVCaE1DVlZNeEV6QVJCZ05WQkFnTUNrTmhiR2xtYjNKdWFXRXhGakFVQmdOVkJBY01EVTF2ZFc1MFlXbHVJRlpwWlhjeEhEQWFCZ05WQkFvTUUwUnBaMmwwWVd3Z1EzSmxaR1Z1ZEdsaGJITXhJREFlQmdOVkJBTU1GMlJwWjJsMFlXd3RZM0psWkdWdWRHbGhiSE11WkdWMk1CNFhEVEkxTURReU5URTBNVEl5TmxvWERUSTJNRFF5TlRFME1USXlObG93ZWpFTE1Ba0dBMVVFQmhNQ1ZWTXhFekFSQmdOVkJBZ01Da05oYkdsbWIzSnVhV0V4RmpBVUJnTlZCQWNNRFUxdmRXNTBZV2x1SUZacFpYY3hIREFhQmdOVkJBb01FMFJwWjJsMFlXd2dRM0psWkdWdWRHbGhiSE14SURBZUJnTlZCQU1NRjJScFoybDBZV3d0WTNKbFpHVnVkR2xoYkhNdVpHVjJNRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUV1TGQ1aUhPK05UNlJzNDZwQkFrQWM4RW1mb3gvOGtqSXJFclF2UGFBSjMxemRWWEV2a1pPZFFqV0wydy9xblJKZ2c4c2hETnp5RUZ0UENqMTg0WExGcU9COERDQjdUQWZCZ05WSFNNRUdEQVdnQlQ2aVpRaFo4NG83Mi9lWGZyZHpxMXBUSTdQQ2pBZEJnTlZIUTRFRmdRVWc3ZE1LSjViaElVTnBsS2RmWFlhUkdQQ2dOVXdJZ1lEVlIwUkJCc3dHWUlYWkdsbmFYUmhiQzFqY21Wa1pXNTBhV0ZzY3k1a1pYWXdOQVlEVlIwZkJDMHdLekFwb0NlZ0pZWWphSFIwY0hNNkx5OWthV2RwZEdGc0xXTnlaV1JsYm5ScFlXeHpMbVJsZGk5amNtd3dLZ1lEVlIwU0JDTXdJWVlmYUhSMGNITTZMeTlrYVdkcGRHRnNMV055WldSbGJuUnBZV3h6TG1SbGRqQU9CZ05WSFE4QkFmOEVCQU1DQjRBd0ZRWURWUjBsQVFIL0JBc3dDUVlIS0lHTVhRVUJBakFLQmdncWhrak9QUVFEQWdOSEFEQkVBaUFnR3VXekxpdnJGbTRWOU45SEN5Z1ErbHU2am9zN2FlZ0d1N2xaOEs1WFFRSWdLM1N0Rm5nL2YwTTdhcUZGWGs1S0VUUTN1UUZtY3JUcVE3eHJwWWF3dTFNPSIsICJNSUlDdVRDQ0FsK2dBd0lCQWdJVVE3aG5TbTNrSWRGdUFOYW5GcGs0ekVkeW4xc3dDZ1lJS29aSXpqMEVBd0l3ZWpFTE1Ba0dBMVVFQmhNQ1ZWTXhFekFSQmdOVkJBZ01Da05oYkdsbWIzSnVhV0V4RmpBVUJnTlZCQWNNRFUxdmRXNTBZV2x1SUZacFpYY3hIREFhQmdOVkJBb01FMFJwWjJsMFlXd2dRM0psWkdWdWRHbGhiSE14SURBZUJnTlZCQU1NRjJScFoybDBZV3d0WTNKbFpHVnVkR2xoYkhNdVpHVjJNQjRYRFRJMU1EUXlOVEUwTVRJeU5sb1hEVE0xTURReE16RTBNVEl5Tmxvd2VqRUxNQWtHQTFVRUJoTUNWVk14RXpBUkJnTlZCQWdNQ2tOaGJHbG1iM0p1YVdFeEZqQVVCZ05WQkFjTURVMXZkVzUwWVdsdUlGWnBaWGN4SERBYUJnTlZCQW9NRTBScFoybDBZV3dnUTNKbFpHVnVkR2xoYkhNeElEQWVCZ05WQkFNTUYyUnBaMmwwWVd3dFkzSmxaR1Z1ZEdsaGJITXVaR1YyTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFcUlEL0lLV21UMGVlYmQzaEd5OEIwQ2R6VDlxclliOG5IYVFSNGJFNG5YUVFCSEF3ZFd5bTJqakxmYjVXbzJzSCtSdkZrRkFwUG5tdjBhcFA3SXkwaTZPQndqQ0J2ekFpQmdOVkhSRUVHekFaZ2hka2FXZHBkR0ZzTFdOeVpXUmxiblJwWVd4ekxtUmxkakFkQmdOVkhRNEVGZ1FVK29tVUlXZk9LTzl2M2wzNjNjNnRhVXlPendvd0h3WURWUjBqQkJnd0ZvQVUrb21VSVdmT0tPOXYzbDM2M2M2dGFVeU96d293RWdZRFZSMFRBUUgvQkFnd0JnRUIvd0lCQURBT0JnTlZIUThCQWY4RUJBTUNBUVl3S2dZRFZSMFNCQ013SVlZZmFIUjBjSE02THk5a2FXZHBkR0ZzTFdOeVpXUmxiblJwWVd4ekxtUmxkakFKQmdOVkhSOEVBakFBTUFvR0NDcUdTTTQ5QkFNQ0EwZ0FNRVVDSUEwdFc0ayt1SEFsOXRmNFdOa3NxRVIwT1JLK2pHd1NoV2Z2RjJtVzZKenZBaUVBaGhjQUxxNm1sSmd2MThwZnpjZ1B6N3lPMTc1bmxFWTF0ZVlpYVBmWWlucz0iXX0.eyJfc2QiOiBbIlZILXh3UVR4SW0tYWc0dGhNc2NoLUQ0RDZKQ2t6WmdfWVhhSDY1TVJLR0kiLCAibDRSMkNEVzZMcjZGLVZBTkc4WFNQdk1RSEZvQnkxMnpDMGdVa0ZYY2duZyJdLCAiYWdlX2VxdWFsX29yX292ZXIiOiB7Il9zZCI6IFsiU1ZNTjl5eGJmbGs4OGJ5aWRJb1VDWFBrbzk5T1A0NmJZbVhoMVdPZDlVZyIsICJVNm5JWFRZa0VBamJGWllBdzNZNzZCbzJnTzlRaHVObWhNdTZTV3pTLUNrIiwgImQwWmV5YW9fWmVOQXk0NDI5cldMMXpTRmxYV08wbjdCZXBqS2lpdVZaNXMiXX0sICJhZGRyZXNzIjogeyJfc2QiOiBbIjZ6djBMTDVlMkZGWHczcjVjeXlUaEhJWVRoUVoweXRUbTlOYmpiSkRkTjQiLCAiXy1kbVhUc2ZPc05DX3J0Qm9NZjNPaDFySUk4dHhuTlRick9PX3RrcFRZYyIsICJtRXBBYjg3eHd1VktqbHlVOGg4Sm1mX3RzdDlXNnNPaEhBb1FhSFl4alVFIiwgInNsUjlOSnhlemlnbmh1TURNYllZU1JmWnFiYUxYUmZZX3hIQnVVeUg3RTAiXX0sICJpc3MiOiAiaHR0cHM6Ly9kaWdpdGFsLWNyZWRlbnRpYWxzLmRldiIsICJpYXQiOiAxNjgzMDAwMDAwLCAiZXhwIjogMTg4MzAwMDAwMCwgInZjdCI6ICJ1cm46ZXVkaTpwaWQ6MSIsICJfc2RfYWxnIjogInNoYS0yNTYiLCAiY25mIjogeyJqd2siOiB7Imt0eSI6ICJFQyIsICJjcnYiOiAiUC0yNTYiLCAieCI6ICJvVXhTOWJGZkloMjZQLUxNU1pXamRDVHlhaEZoRllmSHRSTXYtbUt5MnkwIiwgInkiOiAiU2JHdHdEUHJySU56TkpQTmJ6cUdqMUp0SGNCUFowQzJCaS1MR3RVVDdSUSJ9fX0.vxSjJ4qlF3GuwBNwp5B-vf6nz6MITIWKY1vzKLK8Z_E86BXSTU1r3YlzXEB6M9D4FU24Uw-6_sTYfxsPVH-XAQ~WyJ5Qm11OVh6TmZRV3EtYkJYMnhHMHlnIiwgImZhbWlseV9uYW1lIiwgIk11c3Rlcm1hbm4iXQ~WyJmN0tjMXFNdlhHU0cxMEZyZDFmM19RIiwgImdpdmVuX25hbWUiLCAiRXJpa2EiXQ~eyJ0eXAiOiJrYitqd3QiLCJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3NTM0OTU2NTUsImF1ZCI6Im9yaWdpbjpodHRwOi8vMTI3LjAuMC4xOjgwMDAiLCJub25jZSI6IjZ3M2dLcnZDREdzRmw5UDJzRk9iQzZGb3oiLCJzZF9oYXNoIjoiRzc4YjRTWWhXeVA1eVFuVUdXNGFXY1pSWXg1MEx6WFZ4V0RVUFB5SUE5ZyJ9.N_dm0GxjqK18zp6Cv0mDRu0GrLYO-HwOc59KYwayQ0wWgndf5ZQRXjoc7EgTfcBZupHYoC7dBcC1dk-ajG9SaQ"]
}
},
"id":"",
"protocol": "openid4vp-v1-unsigned",
"type":"digital"
}