Skip to main content
European CommissionEBSI European Blockchain

Verifier Functional Flows

Last updated on

Introduction

This document describes the Verifier Conformance Test flows and the usage of the protocol.

Verifier tests guidelines

Verifier tests are executed with a direct_post based VP Token Request and ID Token Request. The Verifier must respond with a redirect containing either a code and state or an error and error_description. While the Conformance Wallet does not follow the redirects, it will intercept them and evaluate the response.

The Verifiable Credential issuer is based on did:ebsi, which is anchored to the Trusted Issuers Registry. The Holder Wallet is based on did:key and interacts with the Verifier.

The Verifier must respond with a VP Token Request for scope ver_test:vp_token and with an ID Token Request for scope ver_test:id_token.

Verifiable Presentations and Verifiable Credentials must be validated according to OID4VP and VC Data. ID Token must be validated according to SIOPv2

Fixed Presentation Definition for VP Token Request

The following presentation_definition must be returned in VP Token Requests. The content may differ, but it must request three credentials with the type containing VerifiableAttestation. VP and VC algorithms must be ES256.

The test cases will return different credentials, which are all based on VerifiableAttestation.

Presentation Definition
{
id: '<any id, random or static>',
format: { jwt_vc: { alg: [ 'ES256' ] }, jwt_vp: { alg: [ 'ES256' ] } },
input_descriptors: [
{
id: '<any id, random or static>',
constraints: {
fields: [
{
path: [ '$.type' ],
filter: {
type: 'array',
contains: { const: 'VerifiableAttestation' }
}
}
]
}
},
{
id: '<any id, random or static>',
constraints: {
fields: [
{
path: [ '$.type' ],
filter: {
type: 'array',
contains: { const: 'VerifiableAttestation' }
}
}
]
}
},
{
id: '<any id, random or static>',
constraints: {
fields: [
{
path: [ '$.type' ],
filter: {
type: 'array',
contains: { const: 'VerifiableAttestation' }
}
}
]
}
}
]
}

Fixed content for ID Token Request

The ID Token Request must not contain any claims, and the scope must only contain openid.

The state parameter is mandatory for the ID Token Response when it is present in the ID Token Request sent by the "Authorization Server." In such cases, the Client must ensure that the values of the state parameter are identical in both.

ID Token Request
HTTP 302 Location: openid://
?client_id=https%3A%2F%2Fmy.verifier.com%2Fclient_id
&response_type=id_token
&scope=openid
&redirect_uri=https%3A%2F%2Fmy.verifier.com%2Fclient_id%2Fdirect_post
&request=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImM0S3JlcEpYem1CTVctcW8ybnREQ3drVGdMbTJDYl81ZWFiemtsalRoXzAifQ.eyJpc3MiOiJodHRwczovL215LWlzc3Vlci5yb2Nrcy9hdXRoIiwiYXVkIjoiZGlkOmtleTp6MmRtekQ4MWNnUHg4VmtpN0pidXVNbUZZcldQZ1lveXR5a1VaM2V5cWh0MWo5S2JzRVl2ZHJqeE1qUTR0cG5qZTlCREJUenVORFAza25uNnFMWkVyemQ0Yko1Z28yQ0Nob1BqZDVHQUgzenBGSlA1ZnV3U2s2NlU1UHE2RWhGNG5Lbkh6RG56bkVQOGZYOTluWkdnd2JBaDFvN0dqMVg1MlRkaGY3VTRLVGs2NnhzQTVyIiwiZXhwIjoxNTg5Njk5MTYyLCJyZXNwb25zZV90eXBlIjoiaWRfdG9rZW4iLCJyZXNwb25zZV9tb2RlIjoiZGlyZWN0X3Bvc3QiLCJjbGllbnRfaWQiOiJodHRwczovL215LWlzc3Vlci5yb2Nrcy9hdXRoIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9teS1pc3N1ZXIucm9ja3MvYXV0aC9kaXJlY3RfcG9zdCIsInNjb3BlIjoib3BlbmlkIiwic3RhdGUiOiI0OGEyYmFjNi0xMzBhLTQzNzgtYmNjMi0wNGViNTdjNTQzYjkiLCJub25jZSI6Im4tMFM2X1d6QTJNaiJ9.Jy2NzeMBsAAO-a43_Zp3ssdQBB091V9D_GJ5ZMYicTm4xAIW93e6AsbJTOFZspMW4j1I0nuBDSVA3c0RMRDFgA

JWT Header:
{
typ: 'JWT',
alg: 'ES256',
kid: 'WOyC6uZFF4sKcvgWriUEp-Sy4cOLQbG-1GXJ3jSMB8A'
}
JWT Payload:
{
iss: 'https://my.verifier.com/client_id',
aud: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
exp: 1589699162,
response_type: 'id_token',
response_mode: 'direct_post',
client_id: 'https://my.verifier.com/client_id',
redirect_uri: 'https://my.verifier.com/client_id/direct_post',
scope: 'openid',
state: '48a2bac6-130a-4378-bcc2-04eb57c543b9',
nonce: 'n-0S6_WzA2Mj'
}
ID Token Response
POST into https://my.verifier.com/client_id/direct_post
Content-Type: application/x-www-form-urlencoded

id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciJ9.eyJpc3MiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIiLCJzdWIiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIiLCJhdWQiOiJodHRwczovL215LWlzc3Vlci5yb2Nrcy9hdXRoIiwiZXhwIjoxNTg5Njk5MzYwLCJpYXQiOjE1ODk2OTkyNjAsInN0YXRlIjoiNDhhMmJhYzYtMTMwYS00Mzc4LWJjYzItMDRlYjU3YzU0M2I5Iiwibm9uY2UiOiJuLTBTNl9XekEyTWoifQ.QlpHFPFwbhFchcMVFX9Qi4PlAPBG96RSGPe7pgOnlgRZ0mDIPMmtae9ey7Tx4iZgQqH3WmGmdJTWD67eyX-qQQ

JWT Header:
{
typ: 'JWT',
alg: 'ES256',
kid: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r#z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r'
}
JWT Payload:
{
iss: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
sub: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
aud: 'https://my.verifier.com/client_id',
exp: 1589699360,
iat: 1589699260,
state: '48a2bac6-130a-4378-bcc2-04eb57c543b9',
nonce: 'n-0S6_WzA2Mj'
}

Generic flow

Non-normative examples

The Conformance Wallet starts the process with a registered client_id. The request initiates a code flow with scope of openid and TestType. The TestType is either ver_test:vp_token or ver_test:id_token depending on the test case.

Authorisation Request
GET from https://my.verifier.com/client_id/authorize
?response_type=code
&scope=openid+ver_test%3Avp_token
&state=tracker%3Dvcfghhj
&client_id=did%3Akey%3Az2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r
&redirect_uri=openid%3A%2F%2F
&nonce=glkFFoisdfEui43
&client_metadata=%7B%22vp_formats_supported%22%3A%7B%22jwt_vp%22%3A%7B%22alg%22%3A%5B%22ES256%22%5D%7D%2C%22jwt_vc%22%3A%7B%22alg%22%3A%5B%22ES256%22%5D%7D%7D%2C%22response_types_supported%22%3A%5B%22vp_token%22%2C%22id_token%22%5D%2C%22authorization_endpoint%22%3A%22openid%3A%2F%2F%22%7D

The ver_test:vp_token scope requires the Verifier to redirect a VP Token Request, where the presentation_definition must follow the Standardised Presentation Definition

VP Token Request
HTTP 302 Location: openid://
?client_id=https%3A%2F%2Fmy.verifier.com%2Fclient_id
&response_type=vp_token
&scope=openid
&redirect_uri=https%3A%2F%2Fmy.verifier.com%2Fclient_id%2Fdirect_post
&request=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IldPeUM2dVpGRjRzS2N2Z1dyaVVFcC1TeTRjT0xRYkctMUdYSjNqU01COEEifQ.eyJpc3MiOiJodHRwczovL215LnZlcmlmaWVyLmNvbS9jbGllbnRfaWQiLCJhdWQiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIiLCJleHAiOjE1ODk2OTkxNjIsInJlc3BvbnNlX3R5cGUiOiJ2cF90b2tlbiIsInJlc3BvbnNlX21vZGUiOiJkaXJlY3RfcG9zdCIsImNsaWVudF9pZCI6Imh0dHBzOi8vbXkudmVyaWZpZXIuY29tL2NsaWVudF9pZCIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vbXkudmVyaWZpZXIuY29tL2NsaWVudF9pZC9kaXJlY3RfcG9zdCIsInNjb3BlIjoib3BlbmlkIiwibm9uY2UiOiJGZ2tlRXJmOTFrZmwiLCJwcmVzZW50YXRpb25fZGVmaW5pdGlvbiI6eyJpZCI6IjxhbnkgaWQsIHJhbmRvbSBvciBzdGF0aWM-IiwiZm9ybWF0Ijp7Imp3dF92YyI6eyJhbGciOlsiRVMyNTYiXX0sImp3dF92cCI6eyJhbGciOlsiRVMyNTYiXX19LCJpbnB1dF9kZXNjcmlwdG9ycyI6W3siaWQiOiI8YW55IGlkLCByYW5kb20gb3Igc3RhdGljPiIsImNvbnN0cmFpbnRzIjp7ImZpZWxkcyI6W3sicGF0aCI6WyIkLnR5cGUiXSwiZmlsdGVyIjp7InR5cGUiOiJhcnJheSIsImNvbnRhaW5zIjp7ImNvbnN0IjoiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIn19fV19fSx7ImlkIjoiPGFueSBpZCwgcmFuZG9tIG9yIHN0YXRpYz4iLCJjb25zdHJhaW50cyI6eyJmaWVsZHMiOlt7InBhdGgiOlsiJC50eXBlIl0sImZpbHRlciI6eyJ0eXBlIjoiYXJyYXkiLCJjb250YWlucyI6eyJjb25zdCI6IlZlcmlmaWFibGVBdHRlc3RhdGlvbiJ9fX1dfX0seyJpZCI6IjxhbnkgaWQsIHJhbmRvbSBvciBzdGF0aWM-IiwiY29uc3RyYWludHMiOnsiZmllbGRzIjpbeyJwYXRoIjpbIiQudHlwZSJdLCJmaWx0ZXIiOnsidHlwZSI6ImFycmF5IiwiY29udGFpbnMiOnsiY29uc3QiOiJWZXJpZmlhYmxlQXR0ZXN0YXRpb24ifX19XX19XX19.izu5hQojnE7d0Bof0oPsPTzMk5-BHRR1D945fkU6szyYpU1cQCAzbiAIoTyIcngJlMGfqYNpDDffZCgg_jN4mA

JWT Header:
{
typ: 'JWT',
alg: 'ES256',
kid: 'WOyC6uZFF4sKcvgWriUEp-Sy4cOLQbG-1GXJ3jSMB8A'
}
JWT Payload:
{
iss: 'https://my.verifier.com/client_id',
aud: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
exp: 1589699162,
response_type: 'vp_token',
response_mode: 'direct_post',
client_id: 'https://my.verifier.com/client_id',
redirect_uri: 'https://my.verifier.com/client_id/direct_post',
scope: 'openid',
nonce: 'FgkeErf91kfl',
presentation_definition: {
id: '<any id, random or static>',
format: { jwt_vc: { alg: [ 'ES256' ] }, jwt_vp: { alg: [ 'ES256' ] } },
input_descriptors: [
{
id: '<any id, random or static>',
constraints: {
fields: [
{
path: [ '$.type' ],
filter: {
type: 'array',
contains: { const: 'VerifiableAttestation' }
}
}
]
}
},
{
id: '<any id, random or static>',
constraints: {
fields: [
{
path: [ '$.type' ],
filter: {
type: 'array',
contains: { const: 'VerifiableAttestation' }
}
}
]
}
},
{
id: '<any id, random or static>',
constraints: {
fields: [
{
path: [ '$.type' ],
filter: {
type: 'array',
contains: { const: 'VerifiableAttestation' }
}
}
]
}
}
]
}
}

The Conformance wallet responds with a test case that the verifier must assert and validate.

The state parameter is mandatory for the VP Token Response when it is present in the VP Token Request sent by the "Authorization Server." In such cases, the Client must ensure that the values of the state parameter are identical in both.

VP Token Response
HTTP POST into: https://my.verifier.com/client_id/direct_post
vp_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciJ9.eyJpc3MiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIiLCJhdWQiOiJodHRwczovL215LnZlcmlmaWVyLmNvbS9jbGllbnRfaWQiLCJzdWIiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIiLCJpYXQiOjE1ODk2OTkyNjAsIm5iZiI6MTU4OTY5OTI2MCwiZXhwIjoxNTg5Njk5MjYwLCJub25jZSI6IkZna2VFcmY5MWtmbCIsImp0aSI6InVybjp1dWlkOjA3MDYwNjFhLWUyY2EtNDYxNC05ZGU3LTljMTQ1MTkzNWYwMiIsInZwIjp7IkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy8yMDE4L2NyZWRlbnRpYWxzL3YxIl0sImlkIjoidXJuOnV1aWQ6MDcwNjA2MWEtZTJjYS00NjE0LTlkZTctOWMxNDUxOTM1ZjAyIiwidHlwZSI6WyJWZXJpZmlhYmxlUHJlc2VudGF0aW9uIl0sImhvbGRlciI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsInZlcmlmaWFibGVDcmVkZW50aWFsIjpbImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSkZVekkxTmlJc0ltdHBaQ0k2SW1ScFpEcGxZbk5wT25wMlNGZFlNelU1UVRORGRtWktia05aWVVGcFFXUmxJMFl3Y2pWUGVYUmZiR0ZvZG5aNk5rMVhiRmx6TTIxaldVNUxXbWxwVVdSVlpuRjJPSFJ6YUVoT09YY2lmUS5leUpwYzNNaU9pSmthV1E2WldKemFUcDZka2hYV0RNMU9VRXpRM1ptU201RFdXRkJhVUZrWlNJc0luTjFZaUk2SW1ScFpEcHJaWGs2ZWpKa2JYcEVPREZqWjFCNE9GWnJhVGRLWW5WMVRXMUdXWEpYVUdkWmIzbDBlV3RWV2pObGVYRm9kREZxT1V0aWMwVlpkbVJ5YW5oTmFsRTBkSEJ1YW1VNVFrUkNWSHAxVGtSUU0ydHVialp4VEZwRmNucGtOR0pLTldkdk1rTkRhRzlRYW1RMVIwRklNM3B3UmtwUU5XWjFkMU5yTmpaVk5WQnhOa1ZvUmpSdVMyNUlla1J1ZW01RlVEaG1XRGs1YmxwSFozZGlRV2d4YnpkSGFqRllOVEpVWkdobU4xVTBTMVJyTmpaNGMwRTFjaUlzSW1saGRDSTZNVFU0T1RZNU9USTJNQ3dpYm1KbUlqb3hOVGc1TmprNU1qWXdMQ0psZUhBaU9qRTFPRGsyT1RreU5qQXNJbXAwYVNJNkluVnlianAxZFdsa1lqWTVNVFpqTVRBdE9HSTJOQzAwTkRJNExUaGlaalV0WTJSbU5EZ3pPRE16TVRCaklpd2lkbU1pT25zaVFHTnZiblJsZUhRaU9sc2lhSFIwY0hNNkx5OTNkM2N1ZHpNdWIzSm5Mekl3TVRndlkzSmxaR1Z1ZEdsaGJITXZkakVpWFN3aWFXUWlPaUoxY200NmRYVnBaRHBpTmpreE5tTXhNQzA0WWpZMExUUTBNamd0T0dKbU5TMWpaR1kwT0RNNE16TXhNR01pTENKMGVYQmxJanBiSWxabGNtbG1hV0ZpYkdWRGNtVmtaVzUwYVdGc0lpd2lWbVZ5YVdacFlXSnNaVUYwZEdWemRHRjBhVzl1SWwwc0ltbHpjM1ZsY2lJNkltUnBaRHBsWW5OcE9ucDJTRmRZTXpVNVFUTkRkbVpLYmtOWllVRnBRV1JsSWl3aWFYTnpkV0Z1WTJWRVlYUmxJam9pTWpBeU1DMHdOUzB4TjFRd056b3dOem8wTUZvaUxDSjJZV3hwWkVaeWIyMGlPaUl5TURJd0xUQTFMVEUzVkRBM09qQTNPalF3V2lJc0luWmhiR2xrVlc1MGFXd2lPaUl5TURJd0xUQTFMVEUzVkRBM09qQTNPalF3V2lJc0ltVjRjR2x5WVhScGIyNUVZWFJsSWpvaU1qQXlNQzB3TlMweE4xUXdOem93TnpvME1Gb2lMQ0pwYzNOMVpXUWlPaUl5TURJd0xUQTFMVEUzVkRBM09qQTNPalF3V2lJc0ltTnlaV1JsYm5ScFlXeFRkV0pxWldOMElqcDdJbWxrSWpvaVpHbGtPbXRsZVRwNk1tUnRla1E0TVdOblVIZzRWbXRwTjBwaWRYVk5iVVpaY2xkUVoxbHZlWFI1YTFWYU0yVjVjV2gwTVdvNVMySnpSVmwyWkhKcWVFMXFVVFIwY0c1cVpUbENSRUpVZW5WT1JGQXphMjV1Tm5GTVdrVnllbVEwWWtvMVoyOHlRME5vYjFCcVpEVkhRVWd6ZW5CR1NsQTFablYzVTJzMk5sVTFVSEUyUldoR05HNUxia2g2Ukc1NmJrVlFPR1pZT1RsdVdrZG5kMkpCYURGdk4wZHFNVmcxTWxSa2FHWTNWVFJMVkdzMk5uaHpRVFZ5SW4wc0ltTnlaV1JsYm5ScFlXeFRZMmhsYldFaU9uc2lhV1FpT2lKb2RIUndjem92TDJGd2FTMXdhV3h2ZEM1bFluTnBMbVYxTDNSeWRYTjBaV1F0YzJOb1pXMWhjeTF5WldkcGMzUnllUzkyTWk5elkyaGxiV0Z6THpCNE1qTXdNemxsTmpNMU5tVmhObUkzTUROalpUWTNNbVUzWTJaaFl6QmlOREkzTmpWaU1UVXdaall6WkdZM09HVXlZbVF4T0dGbE56ZzFOemczWmpaaE1pSXNJblI1Y0dVaU9pSkdkV3hzU25OdmJsTmphR1Z0WVZaaGJHbGtZWFJ2Y2pJd01qRWlmWDE5LkVHc0UxWVhDX1pySkRCY2NxdGFmeUotaG15NnlRcTl5bm5ZTGctcHBQNWRHbkJNdXNMemdaYlNYcmF3TkQ2MWtBRXMwakNjX2NCYjluc0gyR3ZlTXd3IiwiZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKRlV6STFOaUlzSW10cFpDSTZJbVJwWkRwbFluTnBPbnAyU0ZkWU16VTVRVE5EZG1aS2JrTlpZVUZwUVdSbEkwWXdjalZQZVhSZmJHRm9kblo2TmsxWGJGbHpNMjFqV1U1TFdtbHBVV1JWWm5GMk9IUnphRWhPT1hjaWZRLmV5SnBjM01pT2lKa2FXUTZaV0p6YVRwNmRraFhXRE0xT1VFelEzWm1TbTVEV1dGQmFVRmtaU0lzSW5OMVlpSTZJbVJwWkRwclpYazZlakprYlhwRU9ERmpaMUI0T0ZacmFUZEtZblYxVFcxR1dYSlhVR2RaYjNsMGVXdFZXak5sZVhGb2RERnFPVXRpYzBWWmRtUnlhbmhOYWxFMGRIQnVhbVU1UWtSQ1ZIcDFUa1JRTTJ0dWJqWnhURnBGY25wa05HSktOV2R2TWtORGFHOVFhbVExUjBGSU0zcHdSa3BRTldaMWQxTnJOalpWTlZCeE5rVm9SalJ1UzI1SWVrUnVlbTVGVURobVdEazVibHBIWjNkaVFXZ3hiemRIYWpGWU5USlVaR2htTjFVMFMxUnJOalo0YzBFMWNpSXNJbWxoZENJNk1UVTRPVFk1T1RJMk1Dd2libUptSWpveE5UZzVOams1TWpZd0xDSmxlSEFpT2pFMU9EazJPVGt5TmpBc0ltcDBhU0k2SW5WeWJqcDFkV2xrWW1KbU16a3lNV1l0TnpCbU1TMDBZakEyTFRnMk56QXRZbVkwWkRWa1kyWmpZVFl6SWl3aWRtTWlPbnNpUUdOdmJuUmxlSFFpT2xzaWFIUjBjSE02THk5M2QzY3Vkek11YjNKbkx6SXdNVGd2WTNKbFpHVnVkR2xoYkhNdmRqRWlYU3dpYVdRaU9pSjFjbTQ2ZFhWcFpEcGlZbVl6T1RJeFppMDNNR1l4TFRSaU1EWXRPRFkzTUMxaVpqUmtOV1JqWm1OaE5qTWlMQ0owZVhCbElqcGJJbFpsY21sbWFXRmliR1ZEY21Wa1pXNTBhV0ZzSWl3aVZtVnlhV1pwWVdKc1pVRjBkR1Z6ZEdGMGFXOXVJbDBzSW1semMzVmxjaUk2SW1ScFpEcGxZbk5wT25wMlNGZFlNelU1UVRORGRtWktia05aWVVGcFFXUmxJaXdpYVhOemRXRnVZMlZFWVhSbElqb2lNakF5TUMwd05TMHhOMVF3Tnpvd056bzBNRm9pTENKMllXeHBaRVp5YjIwaU9pSXlNREl3TFRBMUxURTNWREEzT2pBM09qUXdXaUlzSW5aaGJHbGtWVzUwYVd3aU9pSXlNREl3TFRBMUxURTNWREEzT2pBM09qUXdXaUlzSW1WNGNHbHlZWFJwYjI1RVlYUmxJam9pTWpBeU1DMHdOUzB4TjFRd056b3dOem8wTUZvaUxDSnBjM04xWldRaU9pSXlNREl3TFRBMUxURTNWREEzT2pBM09qUXdXaUlzSW1OeVpXUmxiblJwWVd4VGRXSnFaV04wSWpwN0ltbGtJam9pWkdsa09tdGxlVHA2TW1SdGVrUTRNV05uVUhnNFZtdHBOMHBpZFhWTmJVWlpjbGRRWjFsdmVYUjVhMVZhTTJWNWNXaDBNV281UzJKelJWbDJaSEpxZUUxcVVUUjBjRzVxWlRsQ1JFSlVlblZPUkZBemEyNXVObkZNV2tWeWVtUTBZa28xWjI4eVEwTm9iMUJxWkRWSFFVZ3plbkJHU2xBMVpuVjNVMnMyTmxVMVVIRTJSV2hHTkc1TGJraDZSRzU2YmtWUU9HWllPVGx1V2tkbmQySkJhREZ2TjBkcU1WZzFNbFJrYUdZM1ZUUkxWR3MyTm5oelFUVnlJbjBzSW1OeVpXUmxiblJwWVd4VFkyaGxiV0VpT25zaWFXUWlPaUpvZEhSd2N6b3ZMMkZ3YVMxd2FXeHZkQzVsWW5OcExtVjFMM1J5ZFhOMFpXUXRjMk5vWlcxaGN5MXlaV2RwYzNSeWVTOTJNaTl6WTJobGJXRnpMekI0TWpNd016bGxOak0xTm1WaE5tSTNNRE5qWlRZM01tVTNZMlpoWXpCaU5ESTNOalZpTVRVd1pqWXpaR1kzT0dVeVltUXhPR0ZsTnpnMU56ZzNaalpoTWlJc0luUjVjR1VpT2lKR2RXeHNTbk52YmxOamFHVnRZVlpoYkdsa1lYUnZjakl3TWpFaWZYMTkuc3VyWElVLWo2T0lTU2p3UjlnbTVIVnJ3VmlKWXRTZENFaEp5ZV9kNm1Ib0NJbk1Fb1d4akg0NUl4dEVIREllTTNJcnJXOGIyZjRTei1DZUJlSXdOb3ciLCJleUowZVhBaU9pSktWMVFpTENKaGJHY2lPaUpGVXpJMU5pSXNJbXRwWkNJNkltUnBaRHBsWW5OcE9ucDJTRmRZTXpVNVFUTkRkbVpLYmtOWllVRnBRV1JsSTBZd2NqVlBlWFJmYkdGb2RuWjZOazFYYkZsek0yMWpXVTVMV21scFVXUlZabkYyT0hSemFFaE9PWGNpZlEuZXlKcGMzTWlPaUprYVdRNlpXSnphVHA2ZGtoWFdETTFPVUV6UTNabVNtNURXV0ZCYVVGa1pTSXNJbk4xWWlJNkltUnBaRHByWlhrNmVqSmtiWHBFT0RGaloxQjRPRlpyYVRkS1luVjFUVzFHV1hKWFVHZFpiM2wwZVd0VldqTmxlWEZvZERGcU9VdGljMFZaZG1SeWFuaE5hbEUwZEhCdWFtVTVRa1JDVkhwMVRrUlFNMnR1YmpaeFRGcEZjbnBrTkdKS05XZHZNa05EYUc5UWFtUTFSMEZJTTNwd1JrcFFOV1oxZDFOck5qWlZOVkJ4TmtWb1JqUnVTMjVJZWtSdWVtNUZVRGhtV0RrNWJscEhaM2RpUVdneGJ6ZEhhakZZTlRKVVpHaG1OMVUwUzFSck5qWjRjMEUxY2lJc0ltbGhkQ0k2TVRVNE9UWTVPVEkyTUN3aWJtSm1Jam94TlRnNU5qazVNall3TENKbGVIQWlPakUxT0RrMk9Ua3lOakFzSW1wMGFTSTZJblZ5YmpwMWRXbGtZVFJrWVdKaE5XVXRaR1ppTUMwMFpqQmlMVGc0TlRVdE1XTTBaRGszWldJeU5HRXlJaXdpZG1NaU9uc2lRR052Ym5SbGVIUWlPbHNpYUhSMGNITTZMeTkzZDNjdWR6TXViM0puTHpJd01UZ3ZZM0psWkdWdWRHbGhiSE12ZGpFaVhTd2lhV1FpT2lKMWNtNDZkWFZwWkRwaE5HUmhZbUUxWlMxa1ptSXdMVFJtTUdJdE9EZzFOUzB4WXpSa09UZGxZakkwWVRJaUxDSjBlWEJsSWpwYklsWmxjbWxtYVdGaWJHVkRjbVZrWlc1MGFXRnNJaXdpVm1WeWFXWnBZV0pzWlVGMGRHVnpkR0YwYVc5dUlsMHNJbWx6YzNWbGNpSTZJbVJwWkRwbFluTnBPbnAyU0ZkWU16VTVRVE5EZG1aS2JrTlpZVUZwUVdSbElpd2lhWE56ZFdGdVkyVkVZWFJsSWpvaU1qQXlNQzB3TlMweE4xUXdOem93TnpvME1Gb2lMQ0oyWVd4cFpFWnliMjBpT2lJeU1ESXdMVEExTFRFM1ZEQTNPakEzT2pRd1dpSXNJblpoYkdsa1ZXNTBhV3dpT2lJeU1ESXdMVEExTFRFM1ZEQTNPakEzT2pRd1dpSXNJbVY0Y0dseVlYUnBiMjVFWVhSbElqb2lNakF5TUMwd05TMHhOMVF3Tnpvd056bzBNRm9pTENKcGMzTjFaV1FpT2lJeU1ESXdMVEExTFRFM1ZEQTNPakEzT2pRd1dpSXNJbU55WldSbGJuUnBZV3hUZFdKcVpXTjBJanA3SW1sa0lqb2laR2xrT210bGVUcDZNbVJ0ZWtRNE1XTm5VSGc0Vm10cE4wcGlkWFZOYlVaWmNsZFFaMWx2ZVhSNWExVmFNMlY1Y1doME1XbzVTMkp6UlZsMlpISnFlRTFxVVRSMGNHNXFaVGxDUkVKVWVuVk9SRkF6YTI1dU5uRk1Xa1Z5ZW1RMFlrbzFaMjh5UTBOb2IxQnFaRFZIUVVnemVuQkdTbEExWm5WM1UyczJObFUxVUhFMlJXaEdORzVMYmtoNlJHNTZia1ZRT0daWU9UbHVXa2RuZDJKQmFERnZOMGRxTVZnMU1sUmthR1kzVlRSTFZHczJObmh6UVRWeUluMHNJbU55WldSbGJuUnBZV3hUWTJobGJXRWlPbnNpYVdRaU9pSm9kSFJ3Y3pvdkwyRndhUzF3YVd4dmRDNWxZbk5wTG1WMUwzUnlkWE4wWldRdGMyTm9aVzFoY3kxeVpXZHBjM1J5ZVM5Mk1pOXpZMmhsYldGekx6QjRNak13TXpsbE5qTTFObVZoTm1JM01ETmpaVFkzTW1VM1kyWmhZekJpTkRJM05qVmlNVFV3WmpZelpHWTNPR1V5WW1ReE9HRmxOemcxTnpnM1pqWmhNaUlzSW5SNWNHVWlPaUpHZFd4c1NuTnZibE5qYUdWdFlWWmhiR2xrWVhSdmNqSXdNakVpZlgxOS5QSUNDWldCNnA1elFveFZKT2Z0MXlRU09Gb1RncFM4cVdUUDNDdGdRN0hCSFN0VFNuVEllbGpncVBaaXZHbHNhOVItQW5aZlNtcGxwaTF3X21fZVlRUSJdfX0.HBfJM7yaYgz0Lm93fGFKnQb56r5DUIRZ_lSWaRFdPspzeI4sD0vTh2r2sSj7f3VjiJLPCc0eZivRuq28YmyUOA
&presentation_submission=%7B%22id%22%3A%22a30e3b91-fb77-4d22-95fa-871689c322e2%22%2C%22definition_id%22%3A%22%3Cdefinition+id%3E%22%2C%22descriptor_map%22%3A%5B%7B%22id%22%3A%22%3Cequals+to+definition+first%3E%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24verifiableCredential%5B0%5D%22%7D%7D%2C%7B%22id%22%3A%22%3Cequals+to+definition+second%3E%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24verifiableCredential%5B1%5D%22%7D%7D%2C%7B%22id%22%3A%22%3Cequals+to+definition+third%3E%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24verifiableCredential%5B2%5D%22%7D%7D%5D%7D

JWT Header:
{
typ: 'JWT',
alg: 'ES256',
kid: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r#z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r'
}
JWT Payload:
{
iss: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
aud: 'https://my.verifier.com/client_id',
sub: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
iat: 1589699260,
nbf: 1589699260,
exp: 1589699260,
nonce: 'FgkeErf91kfl',
jti: 'urn:uuid:0706061a-e2ca-4614-9de7-9c1451935f02',
vp: {
'@context': [ 'https://www.w3.org/2018/credentials/v1' ],
id: 'urn:uuid:0706061a-e2ca-4614-9de7-9c1451935f02',
type: [ 'VerifiablePresentation' ],
holder: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
verifiableCredential: [
'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlI0YwcjVPeXRfbGFodnZ6Nk1XbFlzM21jWU5LWmlpUWRVZnF2OHRzaEhOOXcifQ.eyJpc3MiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsInN1YiI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImlhdCI6MTU4OTY5OTI2MCwibmJmIjoxNTg5Njk5MjYwLCJleHAiOjE1ODk2OTkyNjAsImp0aSI6InVybjp1dWlkYjY5MTZjMTAtOGI2NC00NDI4LThiZjUtY2RmNDgzODMzMTBjIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDpiNjkxNmMxMC04YjY0LTQ0MjgtOGJmNS1jZGY0ODM4MzMxMGMiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIl0sImlzc3VlciI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlIiwiaXNzdWFuY2VEYXRlIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJ2YWxpZEZyb20iOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsInZhbGlkVW50aWwiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImV4cGlyYXRpb25EYXRlIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJpc3N1ZWQiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOmtleTp6MmRtekQ4MWNnUHg4VmtpN0pidXVNbUZZcldQZ1lveXR5a1VaM2V5cWh0MWo5S2JzRVl2ZHJqeE1qUTR0cG5qZTlCREJUenVORFAza25uNnFMWkVyemQ0Yko1Z28yQ0Nob1BqZDVHQUgzenBGSlA1ZnV3U2s2NlU1UHE2RWhGNG5Lbkh6RG56bkVQOGZYOTluWkdnd2JBaDFvN0dqMVg1MlRkaGY3VTRLVGs2NnhzQTVyIn0sImNyZWRlbnRpYWxTY2hlbWEiOnsiaWQiOiJodHRwczovL2FwaS1waWxvdC5lYnNpLmV1L3RydXN0ZWQtc2NoZW1hcy1yZWdpc3RyeS92Mi9zY2hlbWFzLzB4MjMwMzllNjM1NmVhNmI3MDNjZTY3MmU3Y2ZhYzBiNDI3NjViMTUwZjYzZGY3OGUyYmQxOGFlNzg1Nzg3ZjZhMiIsInR5cGUiOiJGdWxsSnNvblNjaGVtYVZhbGlkYXRvcjIwMjEifX19.EGsE1YXC_ZrJDBccqtafyJ-hmy6yQq9ynnYLg-ppP5dGnBMusLzgZbSXrawND61kAEs0jCc_cBb9nsH2GveMww',
'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlI0YwcjVPeXRfbGFodnZ6Nk1XbFlzM21jWU5LWmlpUWRVZnF2OHRzaEhOOXcifQ.eyJpc3MiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsInN1YiI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImlhdCI6MTU4OTY5OTI2MCwibmJmIjoxNTg5Njk5MjYwLCJleHAiOjE1ODk2OTkyNjAsImp0aSI6InVybjp1dWlkYmJmMzkyMWYtNzBmMS00YjA2LTg2NzAtYmY0ZDVkY2ZjYTYzIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDpiYmYzOTIxZi03MGYxLTRiMDYtODY3MC1iZjRkNWRjZmNhNjMiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIl0sImlzc3VlciI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlIiwiaXNzdWFuY2VEYXRlIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJ2YWxpZEZyb20iOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsInZhbGlkVW50aWwiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImV4cGlyYXRpb25EYXRlIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJpc3N1ZWQiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOmtleTp6MmRtekQ4MWNnUHg4VmtpN0pidXVNbUZZcldQZ1lveXR5a1VaM2V5cWh0MWo5S2JzRVl2ZHJqeE1qUTR0cG5qZTlCREJUenVORFAza25uNnFMWkVyemQ0Yko1Z28yQ0Nob1BqZDVHQUgzenBGSlA1ZnV3U2s2NlU1UHE2RWhGNG5Lbkh6RG56bkVQOGZYOTluWkdnd2JBaDFvN0dqMVg1MlRkaGY3VTRLVGs2NnhzQTVyIn0sImNyZWRlbnRpYWxTY2hlbWEiOnsiaWQiOiJodHRwczovL2FwaS1waWxvdC5lYnNpLmV1L3RydXN0ZWQtc2NoZW1hcy1yZWdpc3RyeS92Mi9zY2hlbWFzLzB4MjMwMzllNjM1NmVhNmI3MDNjZTY3MmU3Y2ZhYzBiNDI3NjViMTUwZjYzZGY3OGUyYmQxOGFlNzg1Nzg3ZjZhMiIsInR5cGUiOiJGdWxsSnNvblNjaGVtYVZhbGlkYXRvcjIwMjEifX19.surXIU-j6OISSjwR9gm5HVrwViJYtSdCEhJye_d6mHoCInMEoWxjH45IxtEHDIeM3IrrW8b2f4Sz-CeBeIwNow',
'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlI0YwcjVPeXRfbGFodnZ6Nk1XbFlzM21jWU5LWmlpUWRVZnF2OHRzaEhOOXcifQ.eyJpc3MiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsInN1YiI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImlhdCI6MTU4OTY5OTI2MCwibmJmIjoxNTg5Njk5MjYwLCJleHAiOjE1ODk2OTkyNjAsImp0aSI6InVybjp1dWlkYTRkYWJhNWUtZGZiMC00ZjBiLTg4NTUtMWM0ZDk3ZWIyNGEyIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDphNGRhYmE1ZS1kZmIwLTRmMGItODg1NS0xYzRkOTdlYjI0YTIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIl0sImlzc3VlciI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlIiwiaXNzdWFuY2VEYXRlIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJ2YWxpZEZyb20iOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsInZhbGlkVW50aWwiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImV4cGlyYXRpb25EYXRlIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJpc3N1ZWQiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOmtleTp6MmRtekQ4MWNnUHg4VmtpN0pidXVNbUZZcldQZ1lveXR5a1VaM2V5cWh0MWo5S2JzRVl2ZHJqeE1qUTR0cG5qZTlCREJUenVORFAza25uNnFMWkVyemQ0Yko1Z28yQ0Nob1BqZDVHQUgzenBGSlA1ZnV3U2s2NlU1UHE2RWhGNG5Lbkh6RG56bkVQOGZYOTluWkdnd2JBaDFvN0dqMVg1MlRkaGY3VTRLVGs2NnhzQTVyIn0sImNyZWRlbnRpYWxTY2hlbWEiOnsiaWQiOiJodHRwczovL2FwaS1waWxvdC5lYnNpLmV1L3RydXN0ZWQtc2NoZW1hcy1yZWdpc3RyeS92Mi9zY2hlbWFzLzB4MjMwMzllNjM1NmVhNmI3MDNjZTY3MmU3Y2ZhYzBiNDI3NjViMTUwZjYzZGY3OGUyYmQxOGFlNzg1Nzg3ZjZhMiIsInR5cGUiOiJGdWxsSnNvblNjaGVtYVZhbGlkYXRvcjIwMjEifX19.PICCZWB6p5zQoxVJOft1yQSOFoTgpS8qWTP3CtgQ7HBHStTSnTIeljgqPZivGlsa9R-AnZfSmplpi1w_m_eYQQ'
]
}
}

The test case is completed by returning error and error_description, redirection to a secondary authentication, or redirection with a code field. The Conformance Wallet will not follow the redirects and evaluates the test case based on the answer.

Authorisation Response
HTTP 302 Location: openid://?error=access_denied&error_description=%5Battestation-id%5D+is+expired

Tests

Tests assert Verifiable Credential and Presentation domain specific rules. They do not include cryptography, security or specific penetration testing. Every test case will start when the Conformance Wallet initiates a code flow. The Authorisation Request's scope defined by the Holder Wallet will drive the ID Token or VP Token tests.

All ID Token and VP Token requests must be requested with the response_mode of direct_post.

ID Token exchange

An ID Token test is requested with the scope of openid ver_test:vp_token.

The Conformance Wallet initiates the test through the Conformance UI, where the Verifier must respond with an ID Token Request. After the DID has been "authorised", the Verifier must return a redirect to the original redirect_uri with code and state.

An ID Token proves control over the DID, with optional standard claims issued by the DID controller.

Verifiable Presentations

For all cases, the Conformance Wallet initiates the test through the Conformance UI. The Verifier must respond with a VP Token Request, containing the fixed Presentation Definition. VP Token tests are always requested with the scope of openid ver_test:vp_token.

Valid Credential in a Presentation

The Conformance Wallet responds with a valid Verifiable Presentation containing valid Verifiable Credentials.

The Verifier must return a redirect to the original redirect_uri with code and state.

Expired credential in a Presentation

The Conformance Wallet responds with a valid Verifiable Presentation containing an expired Verifiable Credential.

The expected response is a redirect to the original redirect_uri, with the query parameters error of "access_denied" and error_description of "<$presentation_submission.descriptor_map[x].id> is expired"

Revoked credential in a Presentation

The Conformance Wallet responds with a valid Verifiable Presentation containing a revoked Verifiable Credential.

The expected response is a redirect to the original redirect_uri, with the query parameters error of "access_denied" and error_description of "<$presentation_submission.descriptor_map[x].id> is revoked"

Not yet valid credential in a Presentation

The Conformance Wallet responds with a valid Verifiable Presentation containing a Verifiable Credential which is valid in the future.

The expected response is a redirect to the original redirect_uri, with the query parameters error of "access_denied" and error_description of "<$presentation_submission.descriptor_map[x].id> is not yet valid"