Skip to content

Regular flow

sequenceDiagram
    participant Wallet
    participant Document Rails
    participant Application
    Application-->>Document Rails: Presentation initialization
    Document Rails-->>Application: OID4VP URL

    Note over Application: The URL is converted to the QR code
    Application->>Wallet: QR code is displayed to the user

    Note over Wallet: User scans the QR code
    Wallet->>Document Rails: Wallet requests the signed presentation request
    Document Rails->>Wallet: Signed presentation request
    Note over Wallet: User decides what to share
    Wallet->>Document Rails: OID4VP presentation response

    Document Rails-->>Application: Verification status

  1. Your application initializes the OID4VP verification session and receives the invitation URL.

  2. Your application converts the URL to the QR code and displays it to the user.

  3. User scans the QR code using their credential wallet. In the background, their wallet fetches the information about the presentation request.

  4. User decides which credentials to share with your application.

  5. Wallet encodes selected credentials and sends them to Document Rails.

  6. Document Rails sends information about the verified credentials using outbound webhooks.

Initialization

Prerequisites

  1. Your organization should have at least one signing key that supports OID4VP.

  2. Required credentials should be configured within your organization. You may re-use the same credential identifiers that you use for issuance.

Examples

import { createOID4VPPresentation, ResponseMode } from "@vaultie/document-rails";

const response = await createOID4VPPresentation(
    client,
    accessToken,
    organizationId,
    {
        // Signing key used to sign the presentation request.
        //
        // Make sure the provided signing key has `oid4vp_client_id_prefix` configured,
        // as it is required for OID4VP functionality.
        //
        // See "Signing keys" documentation for information about supported keys.
        key_id: keyId,

        // Credential variables identifiers.
        //
        // You can combine credential variables from multiple different credentials,
        // in which case Document Rails will require the provided credentials
        // from the holder.
        credential_vars: [1, 2, 3],

        // Identifier of the outbound webhook that will be used to send verification results.
        outbound_webhook_id: outboundWebhookId,

        // Select which trust registries to use for verifying the wallet response.
        //
        // Note that selected trust registries will apply to all credentials within the wallet response.
        trust_registries: [trustRegistryId],

        // Optionally, you may customize the verification behavior using flags from the verification API.
        //
        // OID4VP API supports all flags from the verification API and applies the same default values.
        check_certificate_not_after: "ignored",
        check_certificate_not_before: "ignored",
    }
);

After initializing the presentation, you should convert the returned URL to QR code and display it to the user.

Document Rails will send the verification result to the selected outbound webhook as soon as the OID4VP presentation is processed. See outbound webhook documentation for more information about how to handle presentation result requests.