API Reference

Cloud SDK — API Reference

A complete developer reference for the Cloud SDK API, supporting secure and interoperable identity verification with Apple Wallet, Google Wallet, Samsung Wallet and State wallet.

Base URL: https://credenceid.com/cloudsdkdevBearer authJSONInteractive
01

Authentication

All API access begins with activation using a license key and profile ID. Use POST /v1/refresh to renew tokens before expiry.

Activate the verifier and obtain JWT tokens. Uses your license key and profile ID to establish an authenticated session. The Origin header must match the domain registered with your license.

URLhttps://credenceid.com/cloudsdkdev/v1/setup
Request Body
json — Request
{
  "licenseKey": "CS_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "profileId":  "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
Request Fields
FieldTypeReq.Description
licenseKeystringRequiredLicense key in CS_... format provided by CredenceID.
profileIdstringRequiredProfile UUID that determines the verification configuration.
json — HTTP 200 OK
{
  "accessToken":  "eyJ...",
  "refreshToken": "rt_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "expiresIn":    900,
  "tokenType":    "Bearer",
  "customerName": "Acme Corp",
  "profileName":  "Default Profile"
}
FieldDescription
accessTokenJWT valid for 15 minutes. Use as Authorization: Bearer <token>.
refreshTokenOpaque token valid for 7 days. Use to renew the access token.
expiresInAccess token TTL in seconds (900 = 15 min).
tokenTypeAlways "Bearer".
customerNameConfigured customer name for the active license.
profileNameHuman-readable profile name tied to the profile ID.
ℹī¸
Implementation note
Call this from your backend. Treat the returned tokens as server-side credentials — never expose them to the client.
ℹī¸
Chrome requirement for DC API flows
Apple Wallet and Google Wallet flows require Chrome 128+ with chrome://flags/#web-identity-digital-credentials enabled.
02

DC API — ISO 18013 (Apple Wallet)

Verify ISO standard mobile driver's licenses via the browser using Digital Credential (DC) API. For Apple Wallet on iOS

03

DC API — OpenID4VP (Google Wallet)

Verify ISO standard mobile driver's licenses via the browser Digital Credentials API using the OpenID4VP protocol. For Google Wallet on Android.

04

OpenID4VP mdoc Annex B (Samsung / CA DMV)

Verify ISO standard mobile driver's licenses using QR-code-based verification using ISO 18013-7 Annex B. Supports Samsung Wallet and CA DMV mDL wallets.

05

W3C OpenID4VP (State mDL)

QR-code-based flow using W3C OpenID4VP with did:web identity and direct_post response mode.

06

Wallet-Facing Endpoints

These endpoints are called automatically by wallets during the verification flow and must remain publicly reachable. If they are blocked by a firewall, private network policy, or ingress rule, the wallet cannot complete the flow.

07

Configuration

Retrieve profile configuration to confirm which document types and fields the verifier is set up to request.

Flow

Integration Flow Summary

plaintext
1. POST /v1/setup         → get accessToken + refreshToken
2. POST /v1/refresh       → renew accessToken before expiry

Per verification:
  Apple Wallet:   POST /v1/getDocRequest                      → navigator.credentials.get() → POST /v1/verifyDocRequest
  Google Wallet:  POST /dcapi/openid4vp/v1/initiate          → navigator.credentials.get() → POST /dcapi/openid4vp/v1/validate
  Annex B:        POST /openid4vp/v1/mdoc/initiate           → wallet calls GET /request + POST /response → GET /resume or poll POST /result
  W3C (State):    POST /w3c/openid4vp/v1/initiate            → wallet calls GET /request + POST /callback → poll POST /validate
Compatibility

Wallet Compatibility

Flow
DC API ISO 18013
Protocol
org-iso-mdoc via DC API
Tested Wallets
Apple Wallet (iOS)
Flow
DC API OpenID4VP
Protocol
openid4vp via DC API
Tested Wallets
Google Wallet (Android)
Flow
OpenID4VP Annex B
Protocol
ISO 18013-7 Annex B
Tested Wallets
Samsung Wallet, CA DMV (mdoc)
Flow
W3C OpenID4VP
Protocol
W3C + did:web
Tested Wallets
State mDL (jwt_vc_json)
FlowProtocolTested Wallets
DC API ISO 18013org-iso-mdoc via DC APIApple Wallet (iOS)
DC API OpenID4VPopenid4vp via DC APIGoogle Wallet (Android)
OpenID4VP Annex BISO 18013-7 Annex BSamsung Wallet, CA DMV (mdoc)
W3C OpenID4VPW3C + did:webState mDL (jwt_vc_json)
Reference

Common Headers

Header
Authorization
Value
Bearer <accessToken>
When
All protected endpoints
Header
Content-Type
Value
application/json
When
POST requests with a body
Header
Origin
Value
Your registered domain
When
POST /v1/setup only
HeaderValueWhen
AuthorizationBearer <accessToken>All protected endpoints
Content-Typeapplication/jsonPOST requests with a body
OriginYour registered domainPOST /v1/setup only