MDoc
MDoc presentations are represented as DeviceSigned structures, and can be verified with Document Rails against a list of trusted X.509 certificates.
Output
| Name | Value | Description |
|---|---|---|
kind | mdoc | Credential kind identifier |
doctype | String value | Credential type |
namespaces | JSON object | Embedded credential namespaces, where the top-level object identifies the namespace, and nested values identify fields |
certificate_chain | Certificate chain | Certificate chain embedded within the credential |
Example output
{
"credentials": [
{
"kind": "mdoc",
"doctype": "org.iso.18013.5.1.mDL",
"namespaces": {
"org.iso.18013.5.1": {
"given_name": "John",
"family_name": "Doe"
}
},
"certificate_chain": [
{
"not_after_ts": 1785000040,
"not_before_ts": 1753464040,
"common_name": "Test Cert",
"country_name": "XX",
"organization_name": "Example",
"performed_revocation_checks": [
{
"type": "crl",
"url": "https://example.com/ca.crl"
}
]
},
{
"not_after_ts": 1785000040,
"not_before_ts": 1753464040,
"common_name": "Intermediate CA",
"country_name": "XX",
"organization_name": "Example",
},
{
"not_after_ts": 1785000040,
"not_before_ts": 1753464040,
"common_name": "Root CA",
"country_name": "XX",
"organization_name": "Example",
}
]
}
]
}
Example
import { verify, VerifyInputKind } from "@vaultie/document-rails";
const response = await verify(
client,
accessToken,
organizationId,
{
input: {
kind: VerifyInputKind.MDoc,
data: "..."
},
trust_registries: [trustRegistryId],
}
);