Verify Credential

Verify a W3C Verifiable Credential using cheqd Studio.

Once you have issued your credential and have a JWT as part of the credential proof, you can use the /credential/verify API to check that the JWT has not been tampered.

Step 1: Obtain Credential to Verify

To verify a Credential, you can either pass the full Credential body or the JWT proof. These can be either obtained from a Credential that has been issued or from a Verifiable Presentation presented to the user.

Step 2: Configure Verification Parameters

The user is able to set verification parameters to filter whether they want to verify certain aspects of a Credential, including:

verifyStatus

true (indicates that the user wants to verify the Credential Status, requiring a credentialStatus property to be present in the Credential)
false (Default. Indicates that the user does not want to verify the Credential Status.

fetchRemoteContexts

When dealing with JSON-LD type Verifiable Credentials you also MUST provide the proper contexts within a Credential body. Set this to true ONLY if you want the @context URLs to be fetched in case they are a custom context.

true
false (default)

Step 3: Pass the Credential to the API

Simply paste the JWT or the full credential body into the request field of the /credential/verify API, and the API will give you a response including the following verification policies:

Whether the Credential has been tampered
Whether the Credential has a valid issuance date
Whether the Credential has expired
Whether the Credential Status is valid

Verify a Verifiable Credential.

post

This endpoint verifies a Verifiable Credential passed to it. As input, it can take the VC-JWT as a string or the entire credential itself.

Authorizations

Query parameters

verifyStatusbooleanOptional

If set to true the verification will also check the status of the credential. Requires the VC to have a credentialStatus property.

Default: false

fetchRemoteContextsbooleanOptional

When dealing with JSON-LD you also MUST provide the proper contexts. Set this to true ONLY if you want the @context URLs to be fetched in case they are a custom context.

Default: false

allowDeactivatedDidbooleanOptional

If set to true allow to verify credential which based on deactivated DID.

Default: false

Body

credentialobjectOptional

Verifiable Credential to be verified as a VC-JWT string or a JSON object.

Responses

200

The request was successful.

application/json

400

A problem with the input fields has occurred. Additional state information plus metadata may be available in the response body.

401

Access token is missing or invalid

500

An internal error has occurred. Additional state information plus metadata may be available in the response body.

post

POST /credential/verify HTTP/1.1
Host: 
x-api-key: YOUR_API_KEY
Content-Type: application/x-www-form-urlencoded
Accept: */*
Content-Length: 88

"credential={}&policies={'issuanceDate':true,'expirationDate':true,'audience':true}"

{
  "verified": true,
  "polices": {},
  "issuer": "did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0",
  "signer": {
    "controller": "did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0",
    "id": "did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0#key-1",
    "publicKeyBase58": "BTJiso1S4iSiReP6wGksSneGfiKHxz9SYcm2KknpqBJt",
    "type": "Ed25519VerificationKey2018"
  }
}

Last updated 10 days ago

Was this helpful?