01
Verification journey
While different wallets implement different standards (ISO mDL or W3C Verifiable Credentials), the Cloud SDK handles the protocol differences automatically so applications integrate once and support multiple wallet ecosystems. The verification journey below shows how Cloud SDK, and Verify with Credence work together.
- Step
- 01
- Stage
- Session Initialization
- Description
- The application calls POST /v1/setup so Cloud SDK validates the license key with the Verify with Credence and returns access tokens for subsequent API calls.
- Step
- 02
- Stage
- Verification Request Created
- Description
- Clients call POST /v1/getDocRequest or /dcapi/openid4vp/v1/initiate. Cloud SDK prepares the credential request and defines the identity attributes required for verification.
- Step
- 03
- Stage
- Wallet Engagement
- Description
- The holder is prompted to present their digital ID using browser credential APIs (DC API) or a QR code session depending on the flow.
- Step
- 04
- Stage
- Secure Session Established
- Description
- The browser and wallet exchange encryption keys and session parameters so subsequent credential data is protected.
- Step
- 05
- Stage
- Credential Request Delivered
- Description
- The wallet receives the request, either an ISO mDL DeviceRequest or an OpenID4VP credential request based on the wallet protocol.
- Step
- 06
- Stage
- Holder Consent
- Description
- The wallet shows the requested attributes to the user and asks for approval before sharing the credential.
- Step
- 07
- Stage
- Credential Response Returned
- Description
- After approval, the wallet sends the credential response containing identity attributes and cryptographic proofs (ISO DeviceResponse or W3C Verifiable Presentation).
- Step
- 08
- Stage
- Cryptographic Validation
- Description
- Cloud SDK verifies credential integrity, issuer signature, certificate validity, and trusted issuer registry entries.
- Step
- 09
- Stage
- Policy & Issuer Verification
- Description
- The issuer is checked against the trusted issuer registry in Verify with Credence so only recognized authorities are accepted.
- Step
- 10
- Stage
- Verification Result
- Description
- Once validation succeeds, Cloud SDK returns the approved attributes and verification status to the client application.
| Step | Stage | Description |
|---|---|---|
| 01 | Session Initialization | The application calls POST /v1/setup so Cloud SDK validates the license key with the Verify with Credence and returns access tokens for subsequent API calls. |
| 02 | Verification Request Created | Clients call POST /v1/getDocRequest or /dcapi/openid4vp/v1/initiate. Cloud SDK prepares the credential request and defines the identity attributes required for verification. |
| 03 | Wallet Engagement | The holder is prompted to present their digital ID using browser credential APIs (DC API) or a QR code session depending on the flow. |
| 04 | Secure Session Established | The browser and wallet exchange encryption keys and session parameters so subsequent credential data is protected. |
| 05 | Credential Request Delivered | The wallet receives the request, either an ISO mDL DeviceRequest or an OpenID4VP credential request based on the wallet protocol. |
| 06 | Holder Consent | The wallet shows the requested attributes to the user and asks for approval before sharing the credential. |
| 07 | Credential Response Returned | After approval, the wallet sends the credential response containing identity attributes and cryptographic proofs (ISO DeviceResponse or W3C Verifiable Presentation). |
| 08 | Cryptographic Validation | Cloud SDK verifies credential integrity, issuer signature, certificate validity, and trusted issuer registry entries. |
| 09 | Policy & Issuer Verification | The issuer is checked against the trusted issuer registry in Verify with Credence so only recognized authorities are accepted. |
| 10 | Verification Result | Once validation succeeds, Cloud SDK returns the approved attributes and verification status to the client application. |
02
Wallet protocol support
The Cloud SDK supports the major digital credential ecosystems used by modern mobile wallets.
- Wallet Flow
- Apple Wallet (DC API)
- Standard
- ISO Standard
- Status
- β Supported
- Notes
- Uses ISO/IEC 18013-7 Annex C through Safari's Digital Credentials API for same-device and hybrid QR flows.
- Wallet Flow
- Google Wallet (DC API + OpenID4VP)
- Standard
- ISO Standard
- Status
- β Supported
- Notes
- OpenID4VP with DCQL via Chrome and Android Credential Manager for same-device and cross-device verification.
- Wallet Flow
- Samsung Wallet (OID4VP Annex B)
- Standard
- ISO Standard
- Status
- β Supported
- Notes
- Implements ISO/IEC 18013-7 Annex B with signed request JWT at request_uri and vp_token response.
- Wallet Flow
- State Wallets
- Standard
- W3C Standard
- Status
- β Supported
- Notes
- OpenID4VP with W3C Verifiable Credentials Data Model (VCDM); responses arrive as Verifiable Presentations.
| Wallet Flow | Standard | Status | Notes |
|---|---|---|---|
| Apple Wallet (DC API) | ISO Standard | β Supported | Uses ISO/IEC 18013-7 Annex C through Safari's Digital Credentials API for same-device and hybrid QR flows. |
| Google Wallet (DC API + OpenID4VP) | ISO Standard | β Supported | OpenID4VP with DCQL via Chrome and Android Credential Manager for same-device and cross-device verification. |
| Samsung Wallet (OID4VP Annex B) | ISO Standard | β Supported | Implements ISO/IEC 18013-7 Annex B with signed request JWT at request_uri and vp_token response. |
| State Wallets | W3C Standard | β Supported | OpenID4VP with W3C Verifiable Credentials Data Model (VCDM); responses arrive as Verifiable Presentations. |
03
Try it out
Explore a live sample application built with the Cloud SDK to see the full remote verification flow in action.
β
Live demo available
We have a sample app built using the Cloud SDK that demonstrates the end-to-end remote verification experience β from credential request to wallet response. Open it in your browser to try it out.