Verify Credential

Verify a Credential using cheqd Studio.

Once you have issued your credential and have a JWT as part of the credential proof, you can use the /credential/verify API to check that the JWT has not been tampered.

Step 1: Obtain Credential to Verify

To verify a Credential, you can either pass the full Credential body or the JWT proof. These can be either obtained from a Credential that has been issued or from a Verifiable Presentation presented to the user.

Step 2: Configure Verification Parameters

The user is able to set verification parameters to filter whether they want to verify certain aspects of a Credential, including:

verifyStatus
  • true (indicates that the user wants to verify the Credential Status, requiring a credentialStatus property to be present in the Credential)

  • false (Default. Indicates that the user does not want to verify the Credential Status.

fetchRemoteContexts

When dealing with JSON-LD type Verifiable Credentials you also MUST provide the proper contexts within a Credential body. Set this to true ONLY if you want the @context URLs to be fetched in case they are a custom context.

  • true

  • false (default)

Step 3: Pass the Credential to the API

Simply paste the JWT or the full credential body into the request field of the /credential/verify API, and the API will give you a response including the following verification policies:

  1. Whether the Credential has been tampered

  2. Whether the Credential has a valid issuance date

  3. Whether the Credential has expired

  4. Whether the Credential Status is valid

Verify a Verifiable Credential.

This endpoint verifies a Verifiable Credential passed to it. As input, it can take the VC-JWT as a string or the entire credential itself.

post

/credential/verify

Authorizations
Query parameters
verifyStatusboolean

If set to true the verification will also check the status of the credential. Requires the VC to have a credentialStatus property.

fetchRemoteContextsboolean

When dealing with JSON-LD you also MUST provide the proper contexts. Set this to true ONLY if you want the @context URLs to be fetched in case they are a custom context.

allowDeactivatedDidboolean

If set to true allow to verify credential which based on deactivated DID.

Body
credentialobject

Verifiable Credential to be verified as a VC-JWT string or a JSON object.

policiesobject

Custom verification policies to execute when verifying credential.

Responses
curl -L \
  --request POST \
  --url '/credential/verify' \
  --header 'x-api-key: YOUR_API_KEY' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data '{"credential":{},"policies":{"issuanceDate":true,"expirationDate":true,"audience":false}}'
{
  "verified": true,
  "issuer": "did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0",
  "polices": {},
  "signer": {
    "controller": "did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0",
    "id": "did:cheqd:testnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0#key-1",
    "publicKeyBase58": "BTJiso1S4iSiReP6wGksSneGfiKHxz9SYcm2KknpqBJt",
    "type": "Ed25519VerificationKey2018"
  }
}

Last updated

Was this helpful?