search
ProductsCommunityGitHubShare Feedback

Auditor API - For Verifiers

Auditor REST API functions.

Swaggerarrow-up-right | ReDocarrow-up-right

The Auditor API enables anybody to act as a "Verifier" (i.e. verify Verifiable Credentials or Verifiable Presentations). The validation steps can be easily configured by existing or custom policies.

The following functionality is available:

hashtag
Verification

The /v1/verify endpoint verifies a list of credentials / presentations specified in the JSON-LD format against a set of policies. Each of the policy should be registered with the Auditor before being used in the verification. If at least one of the listed policies fails the verification, then the entire credential is considered to be invalid.

curl -X 'POST' \
  'https://auditor.ssikit.walt.id/v1/verify' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -d '<request-body>'

E.g Verification of a UniversityDegree credential against Signature and JsonSchema policies, where SignaturePolicy is failing.

curl -X 'POST' \
  'https://auditor.ssikit.walt.id/v1/verify' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -d '{
    "policies":
    [
        {
            "policy": "SignaturePolicy"
        }
    ],
    "credentials":
    [
        {
            "@context":
            [
                "https://www.w3.org/2018/credentials/v1",
                "https://www.w3.org/2018/credentials/examples/v1"
            ],
            "credentialSubject":
            {
                "degree":
                {
                    "name": "Bachelor of Science and Arts",
                    "type": "BachelorDegree"
                },
                "id": "did:key:z6Mkv58vGsBMwbiyQ3P93MRnYfRgGvn4STEEsj5hFHYe51wu"
            },
            "id": "urn:uuid:7c9d7748-1b66-4361-98eb-c8aab625d9d6",
            "issued": "2022-10-06T15:49:20Z",
            "issuer":
            {
                "id": "did:key:z6MkkLmAVeM3P6B2LJ2xGrK1wVojCoephK4G9VrCcct42ADX"
            },
            "validFrom": "2022-10-06T15:49:20Z",
            "issuanceDate": "2022-10-06T15:49:20Z",
            "type":
            [
                "VerifiableCredential",
                "UniversityDegreeCredential"
            ],
            "proof":
            {
                "type": "JsonWebSignature2020",
                "creator": "did:key:z6MkkLmAVeM3P6B2LJ2xGrK1wVojCoephK4G9VrCcct42ADX",
                "created": "2022-10-06T15:49:20Z",
                "proofPurpose": "assertionMethod",
                "verificationMethod": "did:key:z6MkkLmAVeM3P6B2LJ2xGrK1wVojCoephK4G9VrCcct42ADX#z6MkkLmAVeM3P6B2LJ2xGrK1wVojCoephK4G9VrCcct42ADX",
                "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..iOAli2QhHpp0jZeF2tUj5H4gi_rwaWeypKE4gVdSePp-747gwDCm-bLFjE1MBOFSILZYBWtVWCitrTUmUDfUBw"
            }
        }
    ]
}'

hashtag
Policies

The Auditor Rest API also enables policy management with the following methods:

  • list - display the available verification policies

  • create - create a dynamic verification policy

  • delete - remove a dynamic verification policy

hashtag
List policies

The /v1/policies endpoint lists the available verification policies. The policy id field is used to reference the policy during verification.

E.g. Listing of the verification policies

hashtag
Create policy

The /v1/create/{name} creates a dynamic policy. The following parameters can be specified:

  • name path parameter (required) - specifies the value to be used as the policy id

  • update query parameter (optional, defualts to false) - accepts boolean values and specifies whether it should override an existing policy with the same name (only if the policy is mutable)

  • downloadPolicy query parameter (optional, defaults to false) - accepts boolean values and identifies the scope of the policy field:

    • specifies a remote source that should be resolved to a policy

    • specifies the actual policy content

More details on creating verification policies and fields definitions can be found at Verification Policiesarrow-up-right.

E.g. Creating a Rego policy that checks if a credential subject id is not null or empty

hashtag
Delete policy

The /v1/delete/{name} endpoint deletes a dynamic policy. The following parameters can be specified:

  • name path parameter (required) - specifies the id value of the policy

E.g. Removing the policy having 'MyPolicy' name

PreviousCredentials managementNextCore API

Last updated

Was this helpful?