driver.id
Developers

The verifier, under the hood

driver.id implements an ISO 18013-5 verifier over two transports. The cross-device flow uses OpenID4VP: requests are signed with an X.509 leaf certificate (x509_san_dns client id), and the wallet returns an encrypted direct_post.jwt response. The same-device flow uses the W3C Digital Credentials API with the ISO 18013-7 Annex C org-iso-mdoc profile — a signed readerAuthAll DeviceRequest invoked via navigator.credentials.get, with the HPKE-encrypted response decrypted inline. Either way, the verifier validates the issuer-signed mDOC.

Endpoints

POST/api/verify/startCreate a cross-device session and return the openid4vp:// request URI.
GET/api/verify/request/[id]Serve the signed authorization request JWT to the wallet.
POST/responseWallet response endpoint (direct_post.jwt); decrypts and parses the mDOC.
GET/api/verify/status/[id]Poll for completion and the verified result.
POST/api/verify/dc/startBuild a same-device ISO 18013-7 Annex C (org-iso-mdoc) request for navigator.credentials.get.
POST/api/verify/dc/responseAccept the Digital Credentials API result, HPKE-decrypt and verify the mDOC inline.
POST/api/verify/conformanceTrigger the OpenID conformance test suite.

OpenID conformance test

Triggers a signed request against the OpenID conformance suite at demo.certification.openid.net.