Parameterized Policies

Some policies may require a parameter or argument for execution. The parameter is indicated in the policy list output, together with the expected data type.

Using A Parameterized Policy

Please refer to the SSI-Kit setup section to exectute the command successfully. Let's verify a credential using the parameterless SignaturePolicy and ChallengePolicy which taks a paramter.

ssikit vc verify \
-p SignaturePolicy \
-p ChallengePolicy='{"challenges": ["362df5ec-37ab-46a7-aa71-767d8f277b69"]}' \
src/test/resources/rego/VerifiableId.json

Flags

-p, --policy: Verification policy. Can be specified multiple times. By default, SignaturePolicy is used. To specify a policy argument (if required), use the format PolicyName='{"myParam": "myValue", ...}', to specify the JSON object directly, or PolicyName=path/to/arg.json, to read the argument from a JSON file.

The Challange Policy

It checks that the challenge of the credential is one of the challenges given in the ChallengePolicyArg argument.

Please refer to the SSI-Kit setup section to serve the API. Using the /v1/verify enpoint in the Auditor API to verify a credential

curl -X 'POST' \
  'http://127.0.0.1:7003/v1/verify' \
  -H 'accept: application/json' \
  -H 'Content-Type: text/plain' \
  -d '{
  "policies": [
    {
      "policy": "SignaturePolicy"
    }, 
    {
      "policy": "ChallengePolicy",
      "argument": {
        "challenges": [ "362df5ec-37ab-46a7-aa71-767d8f277b69" ]
      }
    }
  ],
  "credentials": [
     {
      "@context" : [ "https://www.w3.org/2018/credentials/v1" ],
      [...]
    }
  ]
}'

Body

{
  "policies": [
    {
      "policy": "SignaturePolicy"
    }, 
    {
      "policy": "ChallengePolicy",
      "argument": {
        "challenges": [ "362df5ec-37ab-46a7-aa71-767d8f277b69" ]
      }
    }
  ],
  "credentials": [
     {
      "@context" : [ "https://www.w3.org/2018/credentials/v1" ],
      [...]
    }
  ]
}

policies: [array] A list of policy definitions to verify against
- policy: [string] The name/id of the policy
- argument: [JSON] The argument needed by the policy (if required)
credentials: [array] An array of credentials in JWT, or LD_PROOF format

PreviousStatic Policies NextDynamic/Custom Policies

Last updated 1 year ago

Was this helpful?

curl -X 'POST' \ 'http://127.0.0.1:7003/v1/verify' \ -H 'accept: application/json' \ -H 'Content-Type: text/plain' \ -d '{ "policies": [ { "policy": "SignaturePolicy" }, { "policy": "ChallengePolicy", "argument": { "challenges": [ "362df5ec-37ab-46a7-aa71-767d8f277b69" ] } } ], "credentials": [ { "@context" : [ "https://www.w3.org/2018/credentials/v1" ], [...] } ] }'

{ "policies": [ { "policy": "SignaturePolicy" }, { "policy": "ChallengePolicy", "argument": { "challenges": [ "362df5ec-37ab-46a7-aa71-767d8f277b69" ] } } ], "credentials": [ { "@context" : [ "https://www.w3.org/2018/credentials/v1" ], [...] } ] }